The United States Cyber Command (Cyber Command) today unveiled a malware campaign targeting three of the world’s largest online retailers, including Amazon, Amazon.com, and eBay.
The campaign targeted the ecommerce platforms with the goal of taking down or disabling online accounts for these sites, the company said in a statement.
Cyber Command said it began the operation late last month and said it has targeted at least 20 sites with the malicious software, which the cyberattacker exploited in the months leading up to the attack.
“This was a highly complex, multifaceted operation, but we are confident that we have demonstrated to the attackers that we are serious about cyber defense,” said Michael Smith, the chief information officer of Cyber Command, in a blog post today.
“Our cyber defenses have improved dramatically in the last year.
This new campaign underscores that.”
The attackers used the malware to target Amazon’s ecommerce platform, which it first launched in March 2017, and later the platforms of several other major U.S. online retailers including Target, Walmart, and Target Express.
“We believe that the cyber attackers have targeted Amazon and eBay in part because of their continued reliance on the Amazon platform and because they have significant financial interests in these platforms,” Smith said.
The company said the malware used by the attackers is highly targeted and requires a very high level of expertise to operate.
“In this case, the attackers used a combination of code and malware to attack Amazon and to infiltrate Amazon’s security,” the statement said.
“The attackers also used this malware to execute an attack on the target sites, which were targeted with high severity malicious code.”
Smith said Cyber Command had already begun working with law enforcement agencies to find the attackers and take them down.
“Cyber criminals, including the criminals who have targeted these retailers, are very skilled at exploiting weaknesses in the security of their targets,” he said.
Cyber security firms and other cybersecurity experts have said that the recent cyberattacks on major U