As Bitcoin Price Surges, DDoS Extortion Gangs Return In Force
Extortion groups that send emails threatening companies with DDoS attacks unless paid a certain fee are making a comeback, security firm Radware warned today.
In a security alert sent to its customers and shared with ZDNet this week, Radware said that during the last week of 2020 and the first week of 2021, its customers received a new wave of DDoS extortion emails.
Extortionists threatened companies with crippling DDoS attacks unless they got paid between 5 and 10 bitcoins ($150,000 to $300,000).
Radware said that some of the emails it seen were sent by a group that was active over the 2020 summer when the extortionists targeted many financial organizations across the world.
Companies that received this group's emails last summer also received new threats over the winter, Radware said.
The security firm believes that the rise in the Bitcoin-to-USD price has led to some groups returning to or re-prioritizing DDoS extortion schemes.
But Radware said that the Bitcoin price surge was so sudden and unexpected that it caught even some groups by surprise. Extortionists also had to adapt and reduce their demands over time, going from requesting 10 BTC to 5 BTC, as in some cases, the extortion fee would have been too large for some companies to pay, as the Bitcoin price tripled since August 2020.
And just like in the summer of 2020, Radware said that these DDoS extortion groups had the firepower to deliver on their threats.
Radware said it saw some organizations being targeted with DDoS attacks after receiving the extortion emails. Attacks typically lasted around nine hours and ranged around 200 Gbps, with one attack peaking at 237 Gbps.
But this resurgence in DDoS extortion tactics was also documented by Lumen's Black Lotus Labs, which reported on their comeback last week.
The former CenturyLink division, now part of Lumen, said these schemes never actually stopped, although the frequency of these email threats died down over the fall, compared to their prevalence over the summer.
Just like before, the DDoS extortion gangs also kept using the names of more famous hacking groups to send their threats, hoping to intimidated victims. Attackers used names such as Fancy Bear, Cozy Bear, Lazarus Group, and Armada Collective.
But towards the end of the year, Black Lotus Labs reported that some of these extortion emails were also signed using the name of Kadyrovtsy, the name of an elite Chechen military group that has also been associated with DDoS gangs and extortionists in the early 2010s.
Both Black Lotus Labs and Radware recommended that companies not pay the ransom as this merely invites more extortions in the future. Instead, companies are advised to request additional protection against any potential attacks from their security providers.
Reassessing AI Investments: What The Correction In US Megacap Tech Stocks Signals
The recent correction in US megacap tech stocks, including giants like Nvidia, Tesla, Meta, and Alphabet, has sent rippl... Read more
AI Hype Meets Reality: Assessing The Impact Of Stock Declines On Future Tech Investments
Recent declines in the stock prices of major tech companies such as Nvidia, Tesla, Meta, and Alphabet have highlighted a... Read more
Technology Sector Fuels U.S. Economic Growth In Q2
The technology sector played a pivotal role in accelerating America's economic growth in the second quarter of 2024.The ... Read more
Tech Start-Ups Advised To Guard Against Foreign Investment Risks
The US National Counterintelligence and Security Center (NCSC) has advised American tech start-ups to be wary of foreign... Read more
Global IT Outage Threatens To Cost Insurers Billions
Largest disruption since 2017’s NotPetya malware attack highlights vulnerabilities.A recent global IT outage has cause... Read more
Global IT Outage Disrupts Airlines, Financial Services, And Media Groups
On Friday morning, a major IT outage caused widespread disruption across various sectors, including airlines, financial ... Read more