Worldwide ransom DDoS extortionists return in a new wave of attacks

Get a free Techzine subscription!

Security researchers have revealed that a ransom DDoS campaign is underway, targeting organizations all over the world. A cybersecurity alert by Radware indicates that the first wave of these attacks started in August. However, the DDoS campaigns were aimed at companies again, in the last week of December and the first week of January.

The new extortion emails sent by these criminals start with “Maybe you forgot us, but we didn’t forget you. We were busy working on more profitable projects, but now we are back.”

Then they go on to ‘ask’ for Bitcoin as ransom. The same companies that received this letter also got threats in August and September of 2020.

The crypto boom’s effect

The security researchers analyzed the new wave of ransom letters, and the conclusion is that it could be the same threat actors from the middle of last year who are perpetrating these attacks.

When the DDoS extortion campaign started in August, one Bitcoin was worth $10,000. Now, it is worth a whopping $30,000.

The attackers cited this as the reason for their return. It represents the impact of the rising prices of the world’s most famous cryptocurrency on the online threat landscape. A few hours after receiving the letters, the organizations were barraged by DDoS attacks exceeding 200 Gbps.

Protection is important

The attacks lasted over nine hours without any sign of slowing down or interruption. The alert released warns that a maximum attack size of 237 Gbps was reached within 10 hours.

Pascal Geenens, the director of threat intelligence at Radware, said that the DDoS extortion campaigns have always been seasonal. They usually run for a few weeks and target specific industries and companies.

Without protection, the organizations exposed are vulnerable to repeat attacks, and usually, payment doesn’t guarantee that the criminals will stop.