Bitcoin ransom demanded by cyber-extortionists from financial sector
The group, which goes by the name “DD4BC” or “DDoS for Bitcoin” (Distributed Denial of Service for Bitcoin), is responsible for a large number of bitcoin extortion attempts dating back to 2014. It is behind almost 150 attacks, 58 percent of which have targeted financial service companies, Akamai’s Prolexic Security Engineering & Research Team (PLXsert) reported on Wednesday.
Initially the group hit media, entertainment, online gaming, retail and bitcoin mining companies. However, over the last few months “DD4BC” has turned its attention to financial institutions such as banks, brokers and automated clearing houses in Europe, Australia and the US.
“DD4BC has been using the threat of DDoS attacks to secure bitcoin payments from its victims for protection against future attacks,” said Stuart Scholly, Senior Vice President & General Manager, Security Division at Akamai. “The latest attacks—focused primarily on the financial service industry—involved new strategies and tactics intended to harass, extort and ultimately embarrass the victim publicly.”
The group’s method is quite simple: it picks the victim organization and threatens exposure via social media. It uses email to inform the target that a low-level DDoS attack will be set up against the victim’s website. The group can even start a small “demonstrative” attack that lasts less than an hour, to show its capabilities. After the threat, it demands a bitcoin ransom to protect the company from a larger DDoS attack that could make its website inaccessible. The ransom usually ranges from 25 bitcoins ($6,150) to 100 bitcoins ($25,000), with an implied deadline.
DD4BC’s goal is said to be to attract more attention to its ability to create service disruptions by publicly embarrassing the target and damaging the company's reputation.
The group shows a medium level of technical competence, enough to understand bitcoin and to switch between a range of DDoS techniques to find a website’s weak spot, security experts told Bloomberg. It has already attracted the attention of law enforcement and intelligence agencies, which warn victims never to pay such ransoms.
While financial organizations can avoid DDoS attacks with extra server capacity and defense systems, there are also other cyber-threats, such as banking Trojans, that can do far more harm.