DDoS Attack or Empty Threats
Posted by: Timothy Weaver on 04/27/2016 10:32 AM
[
Comments
]
Although the key members of the Armada Collective, also known as DD4BC (DDoS for Bitcoin), were put away in January by Europol during Operation Pleiades, another actor has decided to co-opt their technique of sending threatening DDoS extortion messages to businesses worldwide.
Only difference is, this group isn’t following through with its threat, and it’s still collecting serious money.
CloudFlare CEO Matthew Prince says that the group has pocketed more than $100,000 without following through with any of its threats.
“To date, we’ve not seen a single attack launched against a threatened organization. This is in spite of nearly all of the threatened organizations we’re aware of not paying the extortion fee,” Prince said. “We’ve compared notes with fellow DDoS mitigation vendors and none of them have seen any attacks launched since March against organizations that have received Armada Collective threats.”
Prince said: “While the actual members of the original Armada Collective appear locked up in a European jail, with little more than some Bitcoin addresses and an email account some enterprising individuals are drafting off the group’s original name, sowing fear, and collecting hundreds of thousands of extorted dollars.”
“While the message states that the attackers will know who has paid, we’ve seen several examples of multiple victims being targeted during the same time period and asked to send the same amount to the same Bitcoin address,” Prince said. “Since Bitcoin is, as the message correctly notes, anonymous, this means that there is no way for the attacker to tell who has paid the extortion fee and who has not.”
Source: Threat Post
Only difference is, this group isn’t following through with its threat, and it’s still collecting serious money.CloudFlare CEO Matthew Prince says that the group has pocketed more than $100,000 without following through with any of its threats.
“To date, we’ve not seen a single attack launched against a threatened organization. This is in spite of nearly all of the threatened organizations we’re aware of not paying the extortion fee,” Prince said. “We’ve compared notes with fellow DDoS mitigation vendors and none of them have seen any attacks launched since March against organizations that have received Armada Collective threats.”
Prince said: “While the actual members of the original Armada Collective appear locked up in a European jail, with little more than some Bitcoin addresses and an email account some enterprising individuals are drafting off the group’s original name, sowing fear, and collecting hundreds of thousands of extorted dollars.”
“While the message states that the attackers will know who has paid, we’ve seen several examples of multiple victims being targeted during the same time period and asked to send the same amount to the same Bitcoin address,” Prince said. “Since Bitcoin is, as the message correctly notes, anonymous, this means that there is no way for the attacker to tell who has paid the extortion fee and who has not.”
Source: Threat Post
Comments
