The Hackers Who Tracked My Sleep Cycle
Summary
A security-focused blog post recounts a campaign where hackers created thousands of accounts with valid payment methods to trigger expensive API calls, timing the activity with the author's sleep cycle and checking online status. The author treats it as a live pentest, testing multiple defenses and detailing what worked, what didn’t, and the broader card-testing vulnerability in payment systems.