Menu
Browse

Cyber Threat Actor: Austin Epperson

Actor Type Location Known Incidents
 Icon
Sensationalist
Thailand
1 incident
Profile

Austin Epperson,also known by the alias Austin Epperson, is a threat actor whose activities have been linked to a 2015 incident involving a ride‑sharing company’s petition microsite. According to publicly available reporting, the actor operated from Thailand and on June 12, 2015 exploited a stored cross‑site scripting vulnerability in the microsite. The flaw stemmed from insufficient input sanitization, which allowed the attacker to inject malicious scripts directly into the live signature feed of the site. By leveraging this vector, Austin Epperson was able to deface the platform with promotional content for a competing service and to redirect unsuspecting visitors to external pages. The attack also resulted in the insertion of more than one hundred thousand fraudulent entries into the feed, altering the site’s functionality until corrective measures were applied. No evidence suggests that the intrusion granted access to the company’s internal systems, as the affected microsite was hosted externally.

Security analysts who examined the breach noted that the injected code created conditions that could have facilitated malware distribution, credential phishing attempts, or further exploitation such as SQL injection, although the ride‑sharing firm confirmed that no user data was compromised during the event. The persistent nature of the defacement meant that visitors continued to see the competitor’s promotional material and were redirected until the vulnerability was patched and the fraudulent entries removed from the signature feed. In the aftermath, the disclosure process surrounding the vulnerability became contentious; the individual who initially reported the flaw was deemed ineligible for any recognition or reward because the company lacked a formal bug bounty program and considered public disclosure outside of authorized channels as a violation of its policy. This episode highlighted the challenges that arise when security researchers uncover weaknesses in externally facing assets without a coordinated reporting framework, and it underscored the importance of clear vulnerability handling procedures even when no direct data breach occurs.

Incidents
Attributed incidents available to members
1 incident
Sources
Sources available to members
0 sources