For two months, the DDoS extortioners, who in fact don’t get anyone, paid $ 100,000 in "compensation"
"This is not a joke," the attackers said. Actually, the joke
The Wizard of Oz (1939)
Extortion is a long-standing "business." So old that tracking the history of the appearance of this type of crime is simply impossible. But in our time, a new kind of extortion, which is used by cybercriminals, has appeared. This is DDoS-extortion (not to mention cryptographers).
')
Attackers send a message to a potential victim demanding payment of a certain amount. Otherwise, the victim is threatened with a DDoS attack, as a result of which a company or an individual can lose more money than just by paying extortionists. As it turned out, this tactic works very well - you can not even have any resources for DDoS, just threaten - and the money will flow like a river.
Here is the threat of a new type of criminals. It is required to pay a certain amount before a certain date, otherwise -death from DDoS
Quite a lot of such messages were sent around the world, and collective authorship - a certain Armada Collective community is mentioned. Representatives of this community require you to pay 10 bitcoins. If payment is not received before a certain date, a DDoS attack will be launched. You can stop it no longer for 10, but for 20 Bitcoins, and every day “delay” will cost the victim another 10 Bitcoins. At the end of the message it was said that "this is not a joke."
This is actually a joke. The CloudFlare team conducted its own investigation , during which it turned out that none of the companies providing anti-DDoS services faced the attack of this group (the attackers claimed the possibility of carrying out an attack up to 1Tbps, but nothing of the kind was recorded). Moreover, nobody addressed companies that work in this area, complaining about the Armada Collective.
In this case, the attackers claimed that having received the payment, they will know who paid. In fact, most of the victims were asked for the same amount, which was sent to the same bitcoin account. In this case, to find out who paid and who did not, with a sufficiently large number of transactions is almost impossible.
But it was possible to find out that attackers leading such a strange game received more than $ 100,000 in equivalent of bitcoin from their “victims”.
Moreover, it turned out that the Armada Collective group, which acted in a similar way, really existed before. But it was revealed and neutralized in November 2015. Until now, group members are in places not so remote, and someone uses their laurels for redemption. The original Armada Collective announced the possibility of launching an attack with power up to 500Gbps, but CloudFlare and similar services did not record anything more powerful than 60Gbps. As for the "heirs", their statement about the attack with a capacity of 1Tbps is a fairy tale.
Whatever it was, experts from CloudFlare urged users who received such messages to treat them objectively. In order not to get a problem, it is worth trying to get additional information about the sender of such a threat (and there may be several of them; now several commands from malicious users are sending such threats). It is clear that CloudFlare advises to protect themselves and their business by contacting the company when they receive a message from the attackers.
The Wizard of Oz (1939)
The Wizard of Oz (1939)
Extortion is a long-standing "business." So old that tracking the history of the appearance of this type of crime is simply impossible. But in our time, a new kind of extortion, which is used by cybercriminals, has appeared. This is DDoS-extortion (not to mention cryptographers).
')
Attackers send a message to a potential victim demanding payment of a certain amount. Otherwise, the victim is threatened with a DDoS attack, as a result of which a company or an individual can lose more money than just by paying extortionists. As it turned out, this tactic works very well - you can not even have any resources for DDoS, just threaten - and the money will flow like a river.
Here is the threat of a new type of criminals. It is required to pay a certain amount before a certain date, otherwise -
Quite a lot of such messages were sent around the world, and collective authorship - a certain Armada Collective community is mentioned. Representatives of this community require you to pay 10 bitcoins. If payment is not received before a certain date, a DDoS attack will be launched. You can stop it no longer for 10, but for 20 Bitcoins, and every day “delay” will cost the victim another 10 Bitcoins. At the end of the message it was said that "this is not a joke."
This is actually a joke. The CloudFlare team conducted its own investigation , during which it turned out that none of the companies providing anti-DDoS services faced the attack of this group (the attackers claimed the possibility of carrying out an attack up to 1Tbps, but nothing of the kind was recorded). Moreover, nobody addressed companies that work in this area, complaining about the Armada Collective.
In this case, the attackers claimed that having received the payment, they will know who paid. In fact, most of the victims were asked for the same amount, which was sent to the same bitcoin account. In this case, to find out who paid and who did not, with a sufficiently large number of transactions is almost impossible.
But it was possible to find out that attackers leading such a strange game received more than $ 100,000 in equivalent of bitcoin from their “victims”.
Moreover, it turned out that the Armada Collective group, which acted in a similar way, really existed before. But it was revealed and neutralized in November 2015. Until now, group members are in places not so remote, and someone uses their laurels for redemption. The original Armada Collective announced the possibility of launching an attack with power up to 500Gbps, but CloudFlare and similar services did not record anything more powerful than 60Gbps. As for the "heirs", their statement about the attack with a capacity of 1Tbps is a fairy tale.
Whatever it was, experts from CloudFlare urged users who received such messages to treat them objectively. In order not to get a problem, it is worth trying to get additional information about the sender of such a threat (and there may be several of them; now several commands from malicious users are sending such threats). It is clear that CloudFlare advises to protect themselves and their business by contacting the company when they receive a message from the attackers.
The Wizard of Oz (1939)
Source: https://habr.com/ru/post/393315/
All Articles