Global ransom DDoS extortionists are retargeting companies
Threat actors asked for 10 bitcoins, or they will attack corporate networks
According to security researchers, a ransom DDoS campaign retargeting organizations around the world is underway.
In a cyber security alert by Radware, the first wave began in August, but DDoS extortionists targeted companies with a global ransom DDoS campaign for a second time during the last week of December and the first week of January.
The new extortion emails the cyber criminals sent started with: “Maybe you forgot us, but we didn’t forget you. We were busy working on more profitable projects, but now we are back.”
“We asked for 10 bitcoin to be paid at
According to Radware, companies that received this letter also received threats in August and September 2020. Security researchers’ analysis of this new wave of ransom letters suggested that the same threat actors from the middle of 2020 are behind these malicious communications.
When the DDoS extortion campaign started in August of 2020, a single Bitcoin was worth approximately $10,000. It’s now worth roughly $30,000. The attackers cited this in the latest round of ransom letters, and it represents the impact the rising price of Bitcoin is having on the threat landscape.
A few hours after receiving the message, organizations were hit by DDoS attacks that exceeded 200Gbps and lasted over nine hours without slowdown or interruption. A maximum attack size of 237Gbps was reached with a total duration of nearly 10 hours, the alert warned.
Pascal Geenens, director of threat intelligence at Radware, told IT Pro that DDoS extortion campaigns have traditionally been seasonal events. They would run annually for a few weeks and target specific industries or companies before the threat actor would typically give up.
“This campaign represents a calculated shift from these tactics and DDoS extortion has now become an integral part of the threat landscape. This is a clear indicator that companies need to take DDoS extortion campaigns seriously,” Greenens said.
“Without DDoS protection, organizations are exposed and vulnerable to repeat attacks and there is no guarantee it will stop following payment. This type of cyber criminal is seeking financial gain and by knowing an organization has succumbed to the threat, it will lead them to retarget again in the future.”
Consumer choice and the payment experience
A software provider's guide to getting, growing, and keeping customersDownload now
Prevent fraud and phishing attacks with DMARC
How to use domain-based message authentication, reporting, and conformance for email securityDownload now
Business in the new economy landscape
How we coped with 2020 and looking ahead to a brighter 2021Download now
How to increase cyber resilience within your organisation
Cyber resilience for dummiesDownload now