Extortionists Demand Ransom In 'Empty' DDoS Threats
Gang of cybercriminals calling itself the Armada Collective threatens online businesses in return for Bitcoins.
An extortionist hacker group calling itself Armada Collective is sending e-mail threats to organizations demanding money or they will wage distributed denial-of-service (DDoS) attacks against them -- but the DDoS threats apparently are a ruse.
CloudFlare discovered some 100 organizations who were threatened with a "protection fee" with payment to be made in Bitcoins ranging from 10- to 50, about $4,600 to $23,000. Thus far, the group, which goes by the name of a former DDoS gang, has collected hundreds of thousands of dollars, without even carrying out one DDoS attack.
The email campaign warns the recipient to pay up or face powerful DDoS attacks of "sometimes over 1 Tbps per second." It even goes on to claim that the attacks will bypass CloudFlare and other protection providers.
"Our conclusion was a bit of a surprise: we've been unable to find a single incident where the current incarnation of the Armada Collective has actually launched a DDoS attack. In fact, because the extortion emails reuse Bitcoin addresses, there's no way the Armada Collective can tell who has paid and who has not. In spite of that, the cybercrooks have collected hundreds of thousands of dollars in extortion payments," wrote Matthew Prince, CEO of CloudFlare in a blog post.
The same company is sometimes sent the identical threat mail over and over again even if it has paid the extortion fee. There is also no correlation between the size of the victim organization and the sum demanded from it, according to CloudFlare.
Read more about the extortion scheme on the CloudFlare Blog.
About the Author
You May Also Like
Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024