Illusory Company CyberSecurity Posture

illusory.io
ISOSOC2 Type 1SOC2 Type 2PCI DSSHIPAAGDPR

Illusory makes it easier to scrape online data and perform automated tasks without getting blocked or detected. Train AI language models, conduct market research, or run mission-critical operations with our powerful, bare metal mobile proxies.

Illusory A.I CyberSecurity Scoring

Illusory

Company Details

Linkedin ID:

illusoryio

Website:

https://illusory.io

Employees number:

3

Number of followers:

34

NAICS:

513

Industry Type:

Technology, Information and Internet

Homepage:

illusory.io

IP Addresses:

Scan still pending

Company ID:

ILL_1233454

Scan Status:

In-progress

AI scoreIllusory Risk Score (AI oriented)

Between 700 and 749

https://images.rankiteo.com/companyimages/illusoryio.jpeg
Illusory Technology, Information and Internet
Updated:
  • Powered by our proprietary A.I cyber incident model
  • Insurance preferes TPRM score to calculate premium
globalscoreIllusory Global Score (TPRM)

XXXX

https://images.rankiteo.com/companyimages/illusoryio.jpeg
Illusory Technology, Information and Internet
  • Instant access to detailed risk factors
  • Benchmark vs. industry & size peers
  • Vulnerabilities
  • Findings

Illusory

Moderate
Current Score
742
Ba (Moderate)
01000
1 incidents
-26.0 avg impact

Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.

DECEMBER 2025
768
Vulnerability
16 Dec 2025 • Illusory Systems and Federal Trade Commission: Illusory Systems settles with FTC over 2022 cryptocurrency hack
Nomad Token Bridge Hack

**FTC Orders Nomad to Return Stolen Funds and Reform Security After $186M Crypto Hack** The Federal Trade Commission (FTC) has reached a settlement with **Illusory Systems (operating as Nomad)**, requiring the company to return recovered funds to victims and implement sweeping cybersecurity reforms. The order follows a **2022 breach** in which hackers exploited a vulnerability in Nomad’s **Token Bridge**—a smart contract solution designed to transfer cryptocurrency across blockchains—stealing **$186 million** from users. The FTC’s investigation found that Nomad **misrepresented its security practices**, advertising its platform as “high security” and “security first” while failing to implement basic safeguards. In **June 2022**, the company deployed **untested code** after a security audit, leaving a critical flaw unaddressed. By **July 2022**, attackers exploited the vulnerability, draining user funds. White hat hackers later secured **$37 million** of the stolen assets, which Nomad is now required to return. The FTC’s complaint highlighted **systemic security failures**, including: - **Inadequate testing**: Most pre-deployment checks focused on functionality, not security. - **Lack of safeguards**: No automated fraud monitoring, circuit breakers, or kill switches to halt suspicious transactions. - **Delayed response**: The breach was detected via **social media**, not internal systems, and engineers scrambled to respond—including relaying code fixes mid-flight. - **Ignored warnings**: Months before the hack, an engineer warned leadership about weak testing practices, citing a prior incident where untested code caused losses. Nomad also **overrode internal efforts to reimburse users** after a separate bug in its web interface led to losses, with executives reportedly stating the platform offered “no guarantees of safety.” Under the settlement, Nomad must **develop a comprehensive cybersecurity program**, address flaws identified by the FTC, and submit to **third-party assessments**. The case underscores the FTC’s stance that companies must **deliver on security promises**—or face enforcement action.

742
critical -26
ILLFED1765936610
Incident Details -
Type
Data Breach, Cryptocurrency Theft
Attack Vector
Exploitation of a software vulnerability in smart contracts
Vulnerability Exploited
Inadequately tested code in Token Bridge smart contracts
Motivation
Financial gain
Impact
Financial Loss: $186 million Data Compromised: Cryptocurrency funds Systems Affected: Token Bridge smart contracts, cryptocurrency wallets Operational Impact: Token Bridge was emptied of assets; delayed response due to lack of automated monitoring Brand Reputation Impact: Significant damage due to misrepresentation of security capabilities Legal Liabilities: FTC settlement, potential fines, and regulatory actions Payment Information Risk: Cryptocurrency funds at risk
Response
Incident Response Plan Activated: Yes, but delayed and chaotic Containment Measures: Shut down the bridge after assets were drained Remediation Measures: Implementation of a comprehensive cybersecurity plan as part of FTC settlement Recovery Measures: Return of $37 million safeguarded by white hat hackers to users Enhanced Monitoring: Required as part of FTC settlement
Data Breach
Type Of Data Compromised: Cryptocurrency funds Sensitivity Of Data: High (financial assets) Data Exfiltration: Yes, $186 million stolen
Regulatory Compliance
Regulations Violated: FTC Act (unfair or deceptive practices) Legal Actions: FTC settlement requiring security reforms and fund return
Lessons Learned
Failure to implement secure coding practices, lack of automated fraud monitoring, inadequate security staffing, and misrepresentation of security capabilities led to catastrophic financial loss.
Recommendations
Implement secure coding practices, conduct thorough security testing, establish automated fraud monitoring, hire adequate security staff, and avoid misrepresenting security capabilities.
Investigation Status
['Completed (FTC settlement reached)']
Post Incident Analysis
Root Causes: Inadequate code testing, lack of secure coding practices, absence of automated fraud monitoring, insufficient security staff, and misrepresentation of security capabilities. Corrective Actions: Implementation of a comprehensive cybersecurity plan, third-party assessments, and return of recovered funds to victims.
References
Blog URL Source URL
NOVEMBER 2025
768
OCTOBER 2025
768
SEPTEMBER 2025
768
AUGUST 2025
768
JULY 2025
768
JUNE 2025
768
MAY 2025
768
APRIL 2025
768
MARCH 2025
768
FEBRUARY 2025
768
JANUARY 2025
768

Frequently Asked Questions

According to Rankiteo, the current A.I.-based Cyber Score for Illusory is 742, which corresponds to a Moderate rating.

According to Rankiteo, the A.I. Rankiteo Cyber Score for November 2025 was 768.

According to Rankiteo, the A.I. Rankiteo Cyber Score for October 2025 was 768.

According to Rankiteo, the A.I. Rankiteo Cyber Score for September 2025 was 768.

According to Rankiteo, the A.I. Rankiteo Cyber Score for August 2025 was 768.

According to Rankiteo, the A.I. Rankiteo Cyber Score for July 2025 was 768.

According to Rankiteo, the A.I. Rankiteo Cyber Score for June 2025 was 768.

According to Rankiteo, the A.I. Rankiteo Cyber Score for May 2025 was 768.

According to Rankiteo, the A.I. Rankiteo Cyber Score for April 2025 was 768.

According to Rankiteo, the A.I. Rankiteo Cyber Score for March 2025 was 768.

According to Rankiteo, the A.I. Rankiteo Cyber Score for February 2025 was 768.

According to Rankiteo, the A.I. Rankiteo Cyber Score for January 2025 was 768.

Over the past 12 months, the average per-incident point impact on Illusory’s A.I Rankiteo Cyber Score has been -26.0 points.

You can access Illusory’s cyber incident details on Rankiteo by visiting the following link: https://www.rankiteo.com/company/illusoryio.

You can find the summary of the A.I Rankiteo Risk Scoring methodology on Rankiteo by visiting the following link: Rankiteo Algorithm.

You can view Illusory’s profile page on Rankiteo by visiting the following link: https://www.rankiteo.com/company/illusoryio.

With scores of 18.5/20 from OpenAI ChatGPT, 20/20 from Mistral AI, and 17/20 from Claude AI, the A.I. Rankiteo Risk Scoring methodology is validated as a market leader.