IDT Solution AS

This report details the verified case of insurance fraud perpetrated by the Norwegian company IDT Solutions AS. Originally reported as a malicious cyberattack on the e-commerce platform idtsports.com in April 2023, comprehensive technical and chronological evidence has confirmed that the incident was staged. The objective was to unlawfully trigger a cyber-insurance payout from Fremtind and offload forensic costs onto innocent subcontractors, including the IT company InfoDesk AS. 1. Incident Overview and Technical Findings In April 2023, IDT Solutions AS reported that their legacy WooCommerce-based webshop had been compromised. The symptoms included the installation of a malicious plugin, the deactivation of security software, and the redirection of legitimate site traffic to external spam domains. However, forensic analysis of the server and technical logs established the following verified facts: The malware was not introduced through the exploitation of external system vulnerabilities. The malicious software was intentionally deployed using pre-existing, valid administrator credentials. The specific administrator activity responsible for the infection originated from IP addresses located in Cebu City, Philippines. The incident was a coordinated internal action executed to simulate a third-party cyber breach. 2. Financial Motive and Insurance Claims Following the staged breach, IDT Solutions AS activated its cyber-insurance policy with Fremtind. The insurance provider subsequently engaged the cybersecurity firm Truesec for forensic investigation and remediation. The costs for these services exceeded NOK 430,000. The investigation into the company's timeline revealed a clear operational and financial motive: IDT Solutions AS had already initiated the development of a new Magento-based webshop well before the alleged cyberattack occurred. The fabricated incident was utilized to force the insurance provider to absorb the costs, downtime, and financial losses associated with phasing out the outdated WooCommerce platform. 3. Fraudulent Recourse Actions Against Subcontractors To conceal the staging of the attack and secure the insurance coverage, IDT Solutions AS initiated a recourse claim of approximately NOK 430,000 against external subcontractors, primarily targeting InfoDesk AS and an independent web designer. This attempt to shift blame was discredited by the following facts: InfoDesk AS possessed no operational responsibility for the infected website. Their involvement was strictly limited to providing specific development services hosted on an entirely separate server environment. Independent analysis of the technical logs and the overlapping timeline of the new Magento project—spearheaded by InfoDesk AS—ultimately exposed the discrepancies and verified the fraud. 4. Verified Legal Violations Because the incident has been verified as a deliberate act for financial gain, the actions of IDT Solutions AS constitute severe violations of the Norwegian Penal Code (Straffeloven). The relevant legal breaches include: Section 376 (Insurance Fraud): For intentionally inducing an insurance event to obtain an unlawful payout from Fremtind. Section 221 (Providing False Information): For deliberately misleading the insurance provider, technical investigators, and relevant authorities regarding the true cause of the incident.