Global ransom DDoS extortionists are retargeting companies

Threat actors asked for 10 bitcoins, or they will attack corporate networks

DDoS Attack on a screen

According to security researchers, a ransom DDoS campaign retargeting organizations around the world is underway.

In a cyber security alert by Radware, the first wave began in August, but DDoS extortionists targeted companies with a global ransom DDoS campaign for a second time during the last week of December and the first week of January.

The new extortion emails the cyber criminals sent started with: “Maybe you forgot us, but we didn’t forget you. We were busy working on more profitable projects, but now we are back.”

“We asked for 10 bitcoin to be paid at

According to Radware, companies that received this letter also received threats in August and September 2020. Security researchers’ analysis of this new wave of ransom letters suggested that the same threat actors from the middle of 2020 are behind these malicious communications.

When the DDoS extortion campaign started in August of 2020, a single Bitcoin was worth approximately $10,000. It’s now worth roughly $30,000. The attackers cited this in the latest round of ransom letters, and it represents the impact the rising price of Bitcoin is having on the threat landscape.

A few hours after receiving the message, organizations were hit by DDoS attacks that exceeded 200Gbps and lasted over nine hours without slowdown or interruption. A maximum attack size of 237Gbps was reached with a total duration of nearly 10 hours, the alert warned.

Pascal Geenens, director of threat intelligence at Radware, told IT Pro that DDoS extortion campaigns have traditionally been seasonal events. They would run annually for a few weeks and target specific industries or companies before the threat actor would typically give up. 

“This campaign represents a calculated shift from these tactics and DDoS extortion has now become an integral part of the threat landscape. This is a clear indicator that companies need to take DDoS extortion campaigns seriously,” Greenens said.

“Without DDoS protection, organizations are exposed and vulnerable to repeat attacks and there is no guarantee it will stop following payment. This type of cyber criminal is seeking financial gain and by knowing an organization has succumbed to the threat, it will lead them to retarget again in the future.”

Featured Resources

Security analytics for your multi-cloud deployments

IBM Security QRadar SIEM solution brief

Download now

Five reasons to move to the cloud

Join the enterprises moving their workloads to the cloud

Download now

Architecting hybrid IT and edge for digital advantage

Why business leaders should consider a hybrid IT strategy

Download now

Six reasons to accelerate remote asset monitoring with AI

How to optimise resources, increase productivity, and grow profit margins with AI

Download now

Recommended

Lazarus APT hacking group is targeting the defense industry
Security

Lazarus APT hacking group is targeting the defense industry

26 Feb 2021
FedEx and DHL phishing emails target Microsoft users
phishing

FedEx and DHL phishing emails target Microsoft users

24 Feb 2021
Hackers are using Google Alerts to help spread malware
hacking

Hackers are using Google Alerts to help spread malware

22 Feb 2021
North Korea expected to increase cyber attacks due to COVID struggles
hacking

North Korea expected to increase cyber attacks due to COVID struggles

22 Feb 2021

Most Popular

How to build a CMS with React and Google Sheets
content management system (CMS)

How to build a CMS with React and Google Sheets

24 Feb 2021
How to connect one, two or more monitors to your laptop
Laptops

How to connect one, two or more monitors to your laptop

25 Feb 2021
Oxford University COVID lab falls victim to hackers
hacking

Oxford University COVID lab falls victim to hackers

26 Feb 2021