In a clear indicator of the no-compromising lengths to which companies will venture to protect themselves from service outages via DDoS attacks, it has been revealed that extortionists have made over $100,000 by simply blackmailing organizations with the threat of DDoS attacks, without actually carrying them out.
In a new blog by prominent DDoS protection provider CloudFlare, it has been determined that a gang of cybercriminals who purport to be infamous DDoS extortionist hackers – Armada Collective, have made away with hundreds of thousands of dollars in extortion payments.
Over 100 businesses have been targeted around the world with emails that contain a threat and a ransom demand between 10 and 50 bitcoins (approximately $4,600 – $23,000.
“If you don’t pay [by the date], attack will start, yours service down down permanently [and] price will increase to 20 bitcoins from the first of the first ransomware threat,” the threat read while adding for good measure, “This is not a joke.”
While several bitcoin companies gave in to pay their demands, CloudFlare discovered several examples of multiple victims who were targeted at the same time period when they were asked to send the same amount to the same bitcoin address described. As Bitcoin is anonymous, there is no way for the attacker to tell those who paid the demands apart from those who haven’t.
Related read: DDoS Attacks Are up 149 Percent Toward End of 2015
An analyst from Bitcoin analysis firm Chainalysis revealed that upon studying the payments sent to the bitcoin addresses, more than $100,000 had been sent by the victims to attackers’ bitcoin addresses.
Following its own investigation, CloudFlare discovered no evidence of any DDoS attack having taken place as a result of the threats. Many of the original collective of malicious hackers belonging to the Armada Collective are currently imprisoned in Europe.
The original Armada Collective attackers routinely deployed attacks of up to 60 Gbps, although they claimed to have the ability to generate over 500Gbps attacks.
CloudFlare adds that not all DDoS extortion threats are empty. Without mentioning any names, the service insists that there are other groups who actually do follow through on their threats to launch attacks.
Image credit: Imgur.