Extortion Gangs Return With New Generation of DDoS Attacks

After a lull in attacks, extortion gangs have returned in force, security firm Radware warned today. The company said a number of its clients saw an increase in ransom email threats over the winter.

According to Radware, a global community of hackers who threatened many financial organizations last summer has returned with new threats. These are the same extortionists who sent emails urging companies to pay them between 5 and 10 Bitcoins, the equivalent of $150,000 to $300,000.

The malware-based DDoS attack was the main weapon in this campaign, Radware says. The attackers used a worm-like botnet of infected computers to launch attacks on businesses’ networks.

Researchers found that some of the most severe attacks lasted for nine hours and ranged in bandwidth from 200 Gbps to 237 Gbps. The most sophisticated was the one that lasted for 10 hours and used a botnet of infected computers to deliver a record-breaking DDoS attack.

This new generation of DDoS attacks also leverages the most common web applications and protocols to hit targets. This makes them easier to amplify and harder to counter.

What’s more, they are able to leverage the recent surge in the price of Bitcoin as an incentive to return with new attacks.

The Bitcoin-to-USD price spike has driven some gangs to return to or re-prioritize DDoS extortion schemes, Radware says.

Some of the extortionists have also tweaked their demands, lowering them from the ten-Bitcoin request to five or even four Bitcoins. This is because the high price of Bitcoin made it more difficult for some businesses to pay, so the extortionists had to reduce their requests.

Law officers advise targeted companies not to pay the ransom because doing so could encourage other gangs to join the crime, making ransom-paying businesses more susceptible to DDoS attacks.