Scenario

You work for Pledge Insurance on the security team. Multiple employees and customers have told you that the website seems to be running slowly. The system administrators tell you that they do not see the website showing any performance issues. You have been tasked with investigating whether the performance issues the users are experiencing are security related.

Goal

Identify cases of users complaining of slow activity and weird behavior with their insurance website.

Objectives

Objective 1: Is the website compromised? If so, how and why?

Objective 2: Are there any other websites that may exhibit the same behavior?

Objective 3: What does the infrastructure look like and does it appear malicious?

Searches

First search: Perform a search for pledgeinsurance.com.
https://community.riskiq.com/search/pledgeinsurance.com
