Greenworks

Greenworks operates as a power tool distributor with a significant commercial presence in the United States, primarily serving retail and professional customers through its e-commerce platform. The company's core business involves the sale of a wide range of power equipment, from lawn and garden tools to industrial-grade machinery, positioning it within the competitive consumer and contractor hardware sector. Its operational model relies heavily on online transactions, as evidenced by its U.S. website functioning as a primary sales channel where customers submit sensitive payment and personal data during checkout. This digital storefront represents a critical component of its market reach, facilitating direct-to-consumer and business-to-business sales across the nation. The nature of its products suggests a focus on durability and performance for outdoor and construction applications, though specific brand specializations or proprietary technologies are not detailed in the available information. The company's scale is implicitly indicated by the volume of customer data processed and the noted "significant recent increase in website traffic" preceding a major security incident, suggesting a substantial and active user base. Its headquarters location in the United States anchors its corporate identity within a major global market for power equipment.

A defining and publicly documented event in Greenworks' recent history is the sophisticated cyberattack discovered on June 8, 2020, which compromised its U.S. website. Attackers deployed a self-destructing payment card skimmer that exfiltrated customer payment card details, account credentials, and personal information during the checkout process. The malicious script demonstrated advanced evasion capabilities, including activation only upon user mouse movement to bypass automated security scans, concealment from browser developer tools, and an automatic self-destruct mechanism if manipulated by security researchers. The infrastructure supporting the skimmer was hosted on a domain purchased with cryptocurrency, and the campaign exhibited code obfuscation and anti-analysis features consistent with prior, documented skimming operations. Despite researchers notifying the company of the breach, the skimmer remained active for a period, potentially affecting thousands of customers due to the heightened website traffic at the time. This incident underscores the company's reliance on its digital sales infrastructure and the persistent threat of highly evasive e-commerce fraud targeting its customer transaction environment. The attack's technical sophistication and prolonged dwell time highlight a specific vulnerability in its web application security posture that was exploited at scale. No information is available regarding the company's ownership structure, parent or subsidiary relationships, or other operational divisions beyond its role as a distributor.