For a successful phishing attack, a white hacker to receive 100,000 roubles from Innostage

Innostage, an integrator and developer of services and solutions in the field of digital security, will pay a reward of 100 thousand rubles for the implementation of an interim event as part of the open cyber testing program. Security researcher actions led to compromise of company employee account.

The participant in the cyber testing programme created a phishing message, sent it to Innostage employees, and as a result was able to take over the account of one of them. The white hat hacker described his actions in a report and uploaded it to the Standoff Bug Bounty platform. During the verification, it was found that the account was indeed compromised, but the consolidation on corporate workstation did not take place.

Innostage Company conducts cyber tests on the platform for security researchers Standoff Bug Bounty to test the cyber resilience of its IT infrastructure.

On the way to the implementation of the main unacceptable event, there are a number of intermediate actions, for which the company is ready to pay additional compensation. Among the significant moves is the capture of an account with fixation on a corporate workstation. However, Innostage decided to award the researcher despite the incomplete implementation.