Extortion groups that send emails threatening companies with DDoS attacks unless paid a certain fee are making a comeback, security firm Radware warned today.
In a security alert sent to its customers and shared with ZDNet this week, Radware said that over the last week of 2020 and the first week of 2021, its customers received a new wave of DDoS extortion emails.
Extortionists threatened companies with crippling DDoS attacks unless they got paid between 5 and 10 bitcoins ($150,000 to $300,000).
Radware said that some of the emails it has seen were sent by a group that was active over the 2020 summer, when the extortionists targeted many financial organizations across the world.
Companies that received this group’s emails last summer also received new threats over the winter, Radware said.
The security firm believes that the rise in the Bitcoin-to-USD price has led to some groups returning to or re-prioritizing DDoS extortion schemes.
However, Radware said that the Bitcoin price surge was so sudden and unexpected that it caught even some groups by surprise. Extortionists also had to adapt and reduce their demands over time, going from requesting 10 BTC to 5 BTC, as in some cases the extortion fee would have been too large for some companies to pay, because the Bitcoin price has tripled since August 2020.
And just like in the summer of 2020, Radware said that these DDoS extortion groups had the firepower to deliver on their threats.
Radware said it saw some organizations being targeted with DDoS attacks after receiving the extortion emails. Attacks typically lasted around 9 hours and ranged around 200 Gbps, with one attack peaking at 237 Gbps.
But this resurgence in DDoS extortion tactics was also documented by Lumen’s Black Lotus Labs, which reported on their comeback last week.
The former CenturyLink division, now part of Lumen, said these schemes never actually stopped, although the frequency of these email threats died down over the fall, compared to their prevalence over the summer.
Just like before, the DDoS extortion gangs also kept using the names of more well-known hacking groups to send their threats, hoping to intimidate victims. Attackers used names such as Fancy Bear, Cozy Bear, Lazarus Group, and Armada Collective.
But towards the end of the year, Black Lotus Labs reported that some of these extortion emails were also signed using the name of Kadyrovtsy, the name of an elite Chechen military group that has also been associated with DDoS gangs and extortionists in the early 2010s.
Both Black Lotus Labs and Radware recommended that companies not pay the ransom as this simply invites more extortions in the future. Instead, companies are advised to request extra protection against any potential attacks from their security providers.