Extortion groups that send emails threatening companies with DDoS attacks unless paid a certain fee are making a comeback, security firm Radware warned today.
In a security alert sent to its customers and shared with ZDNet this week, Radware said that over the last week of 2020 and the first week of 2021, its customers received a new wave of DDoS extortion emails.
Extortionists threatened companies with crippling DDoS attacks unless they got paid between 5 and 10 bitcoins ($150,000 to $300,000).
Radware said that some of the emails it has seen were sent by a group that was active over the 2020 summer, when the extortionists targeted many financial organizations across the world.
Companies that received this group's emails last summer also received new threats over the winter, Radware said.
The security firm believes that the rise in the Bitcoin-to-USD price has led to some groups returning to or re-prioritizing DDoS extortion schemes.
But Radware said that the Bitcoin price surge was so sudden and unexpected that it caught even some groups by surprise. Extortionists also had to adapt and reduce their demands over time, going from requesting 10 BTC to 5 BTC, as in some cases the extortion fee would have been too large for some companies to pay, because the Bitcoin price has tripled since August 2020.
And just like in the summer of 2020, Radware said that these DDoS extortion groups had the firepower to deliver on their threats.
Radware said it saw some organizations being targeted with DDoS attacks after receiving the extortion emails. Attacks typically lasted around 9 hours and ranged around 200 Gbps, with one attack peaking at 237 Gbps.
But this resurgence in DDoS extortion tactics was also documented by Lumen's Black Lotus Labs, which reported on their comeback last week.
The former CenturyLink division, now part of Lumen, said these schemes never really stopped, although the frequency of these email threats died down over the fall, compared to their prevalence over the summer.
Just like before, the DDoS extortion gangs also kept using the names of more well-known hacking groups to send their threats, hoping to intimidate victims. Attackers used names such as Fancy Bear, Cozy Bear, Lazarus Group, and Armada Collective.
But towards the end of the year, Black Lotus Labs reported that some of these extortion emails were also signed using the name of Kadyrovtsy, the name of an elite Chechen military group that has also been associated with DDoS gangs and extortionists in the early 2010s.
Both Black Lotus Labs and Radware recommended that companies not pay the ransom, as this simply invites more extortions in the future. Instead, companies are advised to request more protection against any potential attacks from their security providers.