How Cloudflare CEO Matthew Prince unintentionally Boosts DDoS Ransom Mails
Just recently the US DDoS protection vendor Cloudflare has been criticized for protecting the sites of DDoS extorters. Now a new good meant blog post flooding the internet has caused copycats hoping for a fast buck to blackmail companies as well.
Frankfurt, April 29th 2016 – On April 25th 2016 Cloudflare’s CEO Matthew Prince issued a blog post about the apparent DDoS extorters Armada Collective in which he called their threats empty: Without attacking the extorters ran away with 100.000 USD.
Link11 has information that new extorters have emerged which have been influenced by the news of these ‘empty threats’ that has taken over the internet by storm. Now end of this week the first large e-commerce businesses in Germany with a sales volume of a triple-figure million value have received an extortion mail in the name of the well-known hacker group Lizard Squad. Reports show that this group has been active in the UK as well and sent extortion mails to businesses there. Here is a short excerpt from one of these mails:
"We are the Lizard Squad and we have chosen your website/network as target for our next DDoS attack. Please perform a google search for "Lizard Squad DDoS" to have a look at some of our previous "work". All of your servers will be subject to a DDoS attack starting at Tuesday the 3rd of May. ... We are willing to refrain from attacking your servers for a small fee. The current fee is 5 Bitcoins (BTC). The fee will increase by 5 Bitcoins for each day that has passed without payment."
Onur Cengiz, Head of LSOC:
“It is very unusual for Lizard Squad to sent out these kind of extortion mails. That is why we began with our research and have come to a surprising conclusion: The extortion mails have not been sent using anonymous mailing services. They were sent from a domain that has been only registered this week, or more precisely 2 days after the Cloudflare blog post, by a person located in Germany. This is contrary to anything we know about the professional hacker collective Lizard Squad and distinctively indicates the actions of copycats. In the aftermath of the blog posting of Matthew Prince, who said that the new Armada Collective was nothing more than empty threats, these new extorters looked for a name that stands for one of the most famous and powerful groups the media has reported on."
Copycats have been encouraged by the Cloudflare news to blackmail companies as well believing to easily receive money by just sending out ransom mails. Nevertheless despite of recent news on empty threats every extortion mail has to be taken more than serious. Every affected business should inform the authorities and initiate precautions immediately.
Stay updated on current DDoS reports, warnings, and news about IT security, cybercrime and DDoS protection.
Follow Link11 on Twitter
We had a great time at Wisdom of Crowds 2019 in London sharing our vision and ideas with other industry leaders and…
4 Retweets 2Read More
That was a great first day at IT-SA in Nuremberg! Today, we talked to Lasse Berger from Bayerischer Rundfunk about…
1 Retweets 2Read More
We are having a great time at it-sa - The IT Security Expo and Congress with Link11 COO Marc Wilczek on stage, tal…
2 Retweets 1Read More
Cybersecurity incidents are expected to rise by an alarming 70% by 2024. As the world is going digital, criminal ac…
0 Retweets 0Read More
Meet the team! Visit our booth (10.0-413) at it-sa 2019 from October 8-10 in Nuremberg and talk to our experts!…
1 Retweets 3Read More