Various ransomware operators have adopted a new tactic: using threats of DDoS attacks to negotiate with victims. This tactic is the newest trend gaining pace across the threat landscape. A foreign exchange company was among the many organizations targeted by such attacks.
In recent attacks carried out across the globe, the attackers sent extortion emails threatening to launch a DDoS attack if the victims failed to pay 20 BTC (around $230,000).
- For each passing day that the targeted firm failed to pay the demanded ransom, the attackers threatened to increase the payment demand by 10 BTC. However, Travelex, a foreign exchange company, did not pay any ransom to its attackers.
- Along with the extortion email, the attackers carried out a volumetric attack on a custom port of four IP addresses used by the company’s subdomains. After two days, another DNS amplification attack was launched.
The attackers also claimed to have the ability to perform volumetric attacks that peak at 2Tbps.
Other such attacks –
- Operators behind the SunCrypt Ransomware pressured an organization into paying the ransom after they encrypted the victim’s files and launched a DDoS attack. Eventually, the organization paid the ransom after being devastated by multiple attacks.
- Last month, another group targeted organizations across the US, UK, and the Asia Pacific with DDoS attacks. They asked for ransom from retail and financial organizations.
- In August, another cybercrime group extorted various organizations worldwide to pay thousands of dollars in Bitcoin. The organizations were threatened with the launch of a DDoS attack if they failed to comply.
The need of the hour is to come up with a better security strategy to tackle such attacks. Our experts suggest a more proactive approach while strictly following best security measures such as taking backups, deploying network monitoring solutions, and training employees to detect anomalies.