DDoS extortion is by no means a new trick in the hacker community, but it has seen a number of new improvements. Notable among them is the use of Bitcoin as a means of payment. DD4BC (DDoS for Bitcoin) is a hacker (or hacker group) that has been proven to extort victims with DDoS attacks, demanding payment in Bitcoin. DD4BC appears to focus on the gaming and payment processing industries that use Bitcoin.
In November 2014, reports emerged that the group had sent a note to the Bitalo Bitcoin exchange demanding 1 Bitcoin in return for helping the site enhance its defense against DDoS attacks. At the same time, DD4BC launched a small attack to demonstrate the exchange's vulnerability to this method of disruption. Bitalo ultimately refused to pay the ransom, however. Instead, the site publicly accused the group of blackmail and extortion and created a bounty of over USD $25,000 for information concerning the identities of those behind DD4BC.
The schemes have a lot of common features. During these extortion attempts, the hacker:
Launches an initial DDoS attack (ranging from a few minutes to a few hours) to demonstrate that the hacker can compromise the victim's website.
Demands payment via Bitcoin while suggesting they are actually helping the website by pointing out its vulnerability to DDoS.
Threatens more virulent attacks in the future.
Threatens a greater ransom as the attacks progress (pay up now or pay more later).
Unprotected sites can be taken down by these attacks. Statistics from Arbor Networks concluded that a vast majority of DD4BC's actual attacks have been UDP amplification attacks, exploiting vulnerable UDP protocols like NTP and SSDP. In the spectrum of cyber-attacks, UDP flooding through a botnet is a comparatively simple, blunt attack that only overwhelms a network with unwanted UDP traffic. These attacks are not technically complex and are made simpler with rented botnets, booters, and scripts.
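A defender-side sketch of how the reflected NTP/SSDP floods described above show up in flow records, as an added example that is not from the original article. The record layout, thresholds and addresses are assumptions constructed for illustration.

```python
from collections import defaultdict

# UDP source ports of the reflector protocols the article names.
REFLECTOR_PORTS = {123: "NTP", 1900: "SSDP"}

def detect_reflection(flows, window=60, min_reflectors=3, min_bytes=100_000,
                      trusted=frozenset()):
    """Return alerts for (victim, protocol, window) buckets that look like
    reflected floods: many distinct sources answering from a reflector port.

    flows: iterable of (ts, src_ip, src_port, dst_ip, proto, nbytes).
    trusted: source IPs allowed to send such replies (e.g. your NTP servers).
    Thresholds are illustrative assumptions and must be tuned per network.
    """
    buckets = defaultdict(lambda: {"sources": set(), "bytes": 0})
    for ts, src_ip, src_port, dst_ip, proto, nbytes in flows:
        service = REFLECTOR_PORTS.get(src_port)
        if proto != "udp" or service is None or src_ip in trusted:
            continue
        key = (dst_ip, service, int(ts) // window * window)
        buckets[key]["sources"].add(src_ip)
        buckets[key]["bytes"] += nbytes
    alerts = []
    for (victim, service, start), agg in sorted(buckets.items()):
        if len(agg["sources"]) >= min_reflectors and agg["bytes"] >= min_bytes:
            alerts.append({"victim": victim, "protocol": service,
                           "window_start": start,
                           "reflectors": len(agg["sources"]),
                           "bytes": agg["bytes"]})
    return alerts

# Constructed sample flows (documentation address ranges, not real traffic).
SAMPLE_FLOWS = [
    # legitimate reply from the site's own time server: small, single source
    (1000, "192.0.2.10", 123, "203.0.113.5", "udp", 76),
    # NTP replies from many unrelated hosts to the same victim
    (1001, "198.51.100.1", 123, "203.0.113.5", "udp", 48_000),
    (1002, "198.51.100.2", 123, "203.0.113.5", "udp", 52_000),
    (1003, "198.51.100.3", 123, "203.0.113.5", "udp", 47_000),
    # SSDP reply from one source, below both thresholds
    (1004, "198.51.100.9", 1900, "203.0.113.5", "udp", 3_000),
    # TCP from port 123 is not reflection traffic and is ignored
    (1005, "198.51.100.4", 123, "203.0.113.5", "tcp", 90_000),
]

if __name__ == "__main__":
    for alert in detect_reflection(SAMPLE_FLOWS, trusted={"192.0.2.10"}):
        print(alert)
```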
The typical pattern for the DD4BC gang is to launch DDoS attacks targeting layers 3 and 4, but when this doesn't have the desired result, they can shift to layer 7, with various types of loopback attacks using POST/GET requests. The initial attack typically falls on a scale of 10-20GBps. This is quite massive, but often not even close to the real threat.
If a business fails to meet their demands, and if that business does not mitigate the attack through various anti-DDoS services, the group will typically move on after 24 hours of a sustained attack. However, you should not count on this pattern to guide your cyber security tactics.