IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Global ransom DDoS extortionists are retargeting companies

Threat actors asked for 10 bitcoins, or they will attack corporate networks

DDoS Attack on a screen

According to security researchers, a ransom DDoS campaign retargeting organizations around the world is underway.

In a cyber security alert by Radware, the first wave began in August, but DDoS extortionists targeted companies with a global ransom DDoS campaign for a second time during the last week of December and the first week of January.

The new extortion emails the cyber criminals sent started with: “Maybe you forgot us, but we didn’t forget you. We were busy working on more profitable projects, but now we are back.”

“We asked for 10 bitcoin to be paid at

According to Radware, companies that received this letter also received threats in August and September 2020. Security researchers’ analysis of this new wave of ransom letters suggested that the same threat actors from the middle of 2020 are behind these malicious communications.

When the DDoS extortion campaign started in August of 2020, a single Bitcoin was worth approximately $10,000. It’s now worth roughly $30,000. The attackers cited this in the latest round of ransom letters, and it represents the impact the rising price of Bitcoin is having on the threat landscape.

A few hours after receiving the message, organizations were hit by DDoS attacks that exceeded 200Gbps and lasted over nine hours without slowdown or interruption. A maximum attack size of 237Gbps was reached with a total duration of nearly 10 hours, the alert warned.

Pascal Geenens, director of threat intelligence at Radware, told IT Pro that DDoS extortion campaigns have traditionally been seasonal events. They would run annually for a few weeks and target specific industries or companies before the threat actor would typically give up. 

“This campaign represents a calculated shift from these tactics and DDoS extortion has now become an integral part of the threat landscape. This is a clear indicator that companies need to take DDoS extortion campaigns seriously,” Greenens said.

“Without DDoS protection, organizations are exposed and vulnerable to repeat attacks and there is no guarantee it will stop following payment. This type of cyber criminal is seeking financial gain and by knowing an organization has succumbed to the threat, it will lead them to retarget again in the future.”

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

LockBit 2.0 ransomware disguised as PDFs distributed in email attacks
Security

LockBit 2.0 ransomware disguised as PDFs distributed in email attacks

27 Jun 2022
Protecting healthcare from cybercrime
Whitepaper

Protecting healthcare from cybercrime

25 May 2022
The truth about cyber security training
Whitepaper

The truth about cyber security training

25 Apr 2022
The truth about cyber security training
Whitepaper

The truth about cyber security training

25 Apr 2022

Most Popular

Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022
Macmillan Publishers hit by apparent cyber attack as systems are forced offline
Security

Macmillan Publishers hit by apparent cyber attack as systems are forced offline

30 Jun 2022
Actively exploited server backdoor remains undetected in most organisations' networks
cyber attacks

Actively exploited server backdoor remains undetected in most organisations' networks

1 Jul 2022