Scenario

As a cybersecurity analyst at ShopSphere, an online retail platform, you play a key role in safeguarding the digital storefront and ensuring a secure shopping experience for millions of users worldwide. Your expertise is crucial in identifying vulnerabilities and protecting the company's assets and customer information from potential threats.

Following an unusual pattern of administrative logins late at night, the cybersecurity team has been prompted to launch an investigation. These unusual logins hint at a potential breach alongside incoming customer complaints regarding account anomalies.

Your task is to analyze the network traffic captured to identify the nature and source of the potential breach. Your findings will be crucial in mitigating the impact of the breach and fortifying ShopSphere's defenses against future attacks.

Investigation Scope

In this scenario, your responsibility is to investigate unusual administrative logins to an online platform, ShopSphere, occurring outside of regular working hours. These logins are suspected to be the actions of malicious actors attempting to manipulate users' accounts. Your task is to analyze the packet capture to identify the sources of these logins, determine whether they are malicious, and evaluate their impact on the platform.

Walkthrough

We will be using Wireshark for this analysis, feel free to use any tool you are comfortable with!

Q.01 In the realm of cybersecurity, identifying the attacker's IP address is pivotal for mapping the attack's scope and strategizing an effective response. What is the IP address associated with the attacker?

As u