Skip to main content

Bitcoin Ransom

DDoS extortion is certainly not a new trick by the hacker community, but there have been several new developments to it. Notable among them is the use of Bitcoin as a method of payment. DD4BC (DDoS for Bitcoin) is a hacker (or hacker group) who has been found to extort victims with DdoS attacks, demanding payment via Bitcoin. DD4BC seems to focus on the gaming and payment processing industries that use Bitcoin.

In November 2014, reports emerged of the group having sent a note to the Bitalo Bitcoin exchange demanding 1 Bitcoin in return for helping the site enhance its protection against DDoS attacks. At the same time, DD4BC executed a small-scale attack to demonstrate the exchange vulnerability to this method of disruption. Bitalo ultimately refused to pay the ransom, however. Instead, the site publicly accused the group of blackmail and extortion as well as created a bounty of more than USD $25,000 for information regarding the identities of those behind DD4BC.

The plots have several common characteristics. During these extortion acts, the hacker:

Launches an initial DDoS attack (ranging from a few minutes to a few hours) to prove the hacker is able to compromise the website of the victim.

Demands payment via Bitcoin while suggesting they are actually helping the site by pointing out their vulnerability to DdoS

Threatens more virulent attacks in the future

Threatens a higher ransom as the attacks progress (pay up now or pay more later)

Unprotected sites can be taken down by these attacks. A recent study by Arbor Networks concluded that a vast majority of DD4BCs actual attacks have been UDP Amplification attacks, exploiting vulnerable UDP Protocols such as NTP and SSDP. In the spectrum of cyber-attacks, UDP flooding via botnet is a relatively simple, blunt attack that simply overwhelms a network with unwanted UDP traffic. These attacks are not technically complex and are made easier with rented botnets, booters, and scripts.

The typical pattern for the DD4BC gang is to launch DDoS attacks targeting layer 3 and 4, but if this does not have the desired effect, they will/can move it to layer 7, with various types of loopback attacks with post/get requests. The initial attack typically lies on a scale between 10-20GBps. This is rather massive, but often not even close to the real threat.

If a company fails to meet their requests, and if that company does not migrate this attack through various anti-DDoS services, the group will typically move on after 24 hours of a sustained attack. But you should not count on this pattern to manage your cyber security tactics.




Source by Kanishk Tagade

Popular posts from this blog

The Basics of Cryptocurrency and the Way It Works

In the times that we're living in, technology has made unbelievable advancement as compared to any time in the past. This evolution has redefined the life of man on almost every aspect. In fact, this evolution is an ongoing process and thus, human life on earth is improving constantly day in and day out. One of the latest inclusions in this aspect is cryptocurrencies.Cryptocurrency is nothing but digital currency, which has been designed to impose security and anonymity in online monetary transactions. It uses cryptographic encryption to both generate currency and verify transactions. The new coins are created by a process called mining, whereas the transactions are recorded in a public ledger, which is called the Transaction Block Chain.Little backtrackEvolution of cryptocurrency is mainly attributed to the virtual world of the web and involves the procedure of transforming legible information into a code, which is almost uncrackable. Thus, it becomes easier to track purchases an…

Forex MegaDroid - The Trading Robot That Applies Two Trading Strategies

It is important for novice traders to gain the basic knowledge of Forex trading at the very beginning of their attempts. After you get the rough ideas of what those charts, tables and axis mean, then you should study in details about which trading style suits you the most. Currency trading involves completely different styles. People should opt for their own strategies, but basically there are two primary types of analysis: the technical and the fundamental. A few traders would choose one of the two, some will combine them, others just follow what the robot tells them. Forex Megadroid belongs one of the few automated programs that applies both trading strategies. Forex traders who choose to use technical analysis always base their analyzes on the currency market trend. They read charts and recognize the common patterns for the price movement. Different traders may employ various reporting system to make the analysis easy to read or update. For the users of technical analys…

Virtual Currency Games

Every little boy's (and many grown men's) dream of making a living by playing video games is edging closer to reality. The recent release of HunterCoin and the in-development VoidSpace, games which reward players in digital currency rather than virtual princesses or gold stars point towards a future where one's ranking on a scoreboard could be rewarded in dollars, and sterling, euros and yen.The story of the millionaire (virtual) real estate agent... Digital currencies have been slowly gaining in maturity both in terms of their functionality and the financial infrastructure that enables them to be used as a credible alternative to non-virtual fiat currency. Though Bitcoin, the 1st and most well known of the crypto-currencies was created in 2009 there have been forms of virtual currencies used in video games for more than 15 years. 1997's Ultima Online was the first notable attempt to incorporate a large scale virtual economy in a game. Players could collect gold coins …