Privacy News $1 Million Ransomware Payment Has Spurred New DDoS-for-Bitcoin Attacks

LASER_oneXM · Jun 27, 2017

...some quotes from the article above:
....
..
.....

Nayana's payment was the largest ransomware payment ever made and may have involuntarily put a giant bullseye on the backs of all South Korean businesses, now considered more willing to pay outrageous ransom demands to be left alone.

The Armada Collective ransom letters sent last week to South Korean banks said the group would launch DDoS attacks on the targeted banks today, June 26, and double their ransom demand.

....
..
.....

The $1 million ransom payment paid last week by South Korean web hosting company Nayana has sparked new extortion attempts on South Korean companies.
According to local media, seven banks have received emails that asked the organizations to pay ransoms of nearly $315,000 or suffer downtime via DDoS attacks.
Only five of the seven targets are publicly known, which are also the country's biggest financial institutions: KB Kookmin Bank, Shinhan Bank, Woori Bank, KEB Hana Bank, and NH Bank.

Ransom demands made by Armada Collective
The ransom demands were signed by a group of "Armada Collective," a name that has a long history behind it.
The group first appeared in 2015, and they are considered one of the hacker groups that popularized ransom DDoS (RDoS) attacks alongside another group known as DD4BC (DDoS-for-Bitcoin).
While Europol apprehended suspects behind the DD4BC group, the people behind Armada Collective were never caught, and their tactics seem to have evolved across time.

Winter Soldier · Jun 27, 2017

The other side of dirty medal! The problem is that DDoS attacks are quite difficult to prevent.

_CyberGhosT_ · Jun 27, 2017

Winter Soldier said:
The other side of dirty medal! The problem is that DDoS attacks are quite difficult to prevent.

Agreed, and once in motion, if done right are not easy to stop. I remember ProtonMail was hit very hard during the beta phase and they had to call in help to get rid of it. It was quite the setback.
ProtonMail DDoS wipeout: Day 6. Yes, we're still under attack

Winter Soldier · Jun 27, 2017

_CyberGhosT_ said:
Agreed, and once in motion, if done right are not easy to stop. I remember ProtonMail was hit very hard during the beta phase and they had to call in help to get rid of it. It was quite the setback.
ProtonMail DDoS wipeout: Day 6. Yes, we're still under attack

Yeah and another problem is that you're dealing with criminals and it is not 100% sure they will be "honest", keeping their word after you've paid the ransom...

509322 · Jun 27, 2017

Does everyone realize just how stupid it was to pay the ransom ?

Then again, it shows a company is not going to take a stance based upon principle to set a "screw you ransomware guys" precedent for everybody else.

Korea · Jun 27, 2017

On June 26, DDoS attack was well blocked. However, another DDoS attack is scheduled for June 28th, and it is expected that there will be Ransomware and DDoS attacks in the future. So now it is gloomy.

_CyberGhosT_ · Jun 27, 2017

Lockdown said:
Does everyone realize just how stupid it was to pay the ransom ?

Yep, and I am sure all the neighboring businesses in the area are none too happy with him for paying.

509322 · Jun 27, 2017

_CyberGhosT_ said:
Yep, and I am sure all the neighboring businesses are none too happy with him for paying.

See my edit of my original post.

509322 · Jun 27, 2017

_CyberGhosT_ said:
Yep, and I am sure all the neighboring businesses in the area are none too happy with him for paying.

Paying the ransom sets a precedent, and that only emboldens the criminal organization or whomever it might be. And the mentality will quickly spread to other criminal organizations. Next thing you know ransom amounts will routinely be 7 figures.

_CyberGhosT_ · Jun 27, 2017

Lockdown said:
Paying the ransom sets a precedent, and that only emboldens the criminal organization or whomever it might be. And the mentality will quickly spread to other criminal organizations. Next thing you know ransom amounts will routinely be 7 figures.

Exactly Jeff, could not have said it better. He won't be welcome at any of the community events for a while lol

MBYX · Jun 27, 2017

_CyberGhosT_ said:
Yep, and I am sure all the neighboring businesses in the area are none too happy with him for paying.

The business is boned either way, pay and get data back only to go out of business because nobody will trust data on your server, rep is ruined.
OR
Don't pay data is lost, customers go elsewhere and rep is ruined.

still the don't pay option is better, paying just encourages the activity.
Least with the money you could phoenix the company start again and invest in security more.

- security - if you ignore it then it will go away.

Search

Privacy News $1 Million Ransomware Payment Has Spurred New DDoS-for-Bitcoin Attacks

LASER_oneXM

Level 37

Winter Soldier

Level 25

_CyberGhosT_

Level 53

Winter Soldier

Level 25

509322

Korea

Level 1

_CyberGhosT_

Level 53

509322

509322

_CyberGhosT_

Level 53

MBYX

Level 1

Similar threads