DDoS Extortions against thousands of firms by alleged Phantom Squad
Since September 19, 2017 thousands of companies in many countries around the world have received extortion emails on behalf of the Phantom Squad. There are currently reports from Germany, Great Britain, Italy, the USA, and Japan.
The contacted firms are supposed to pay 0.2 Bitcoin to buy their way out of the DDoS attacks. The payment deadline is September 30. The extortionists, who are probably bluffing, are likely not the original Phantom Squad.
Attacks on global gaming platforms put them on the map
Until now, Phantom Squad was only known for attacking gaming networks. In early November 2016, they claimed responsibility on Twitter for the attacks on the Steam platform. Shortly thereafter, they announced Christmas attacks on the PlayStation Network and Xbox live. As early as January 2016, the group – apparently in collaboration with Lizard Squad – paralyzed the PlayStation Network for a day.
DDoS Extortion likely by copycats
That the self-proclaimed cyber-security group has now re-oriented itself and focused on DDoS extortion is unlikely. In the opinion of the LSOC, it appears more credible that the one or several active perpetrators now have nothing to do with the original attacks and are only associating themselves with the Phantom Squad name to spread fear. Extortionists frequently use the names of internationally known DDoS attackers like Armada Collective, Lizard Squad, or New World Hackers to make their demands more credible. In these cases, the names are even interchangeable, however the emails with the demands for protection money are almost always identical.
Extortion messages with standard formulations
The current scattered text has very strong similarities to extortion messages from the alleged Armada Collective from Spring of 2016. Only the date for the payment deadline and the Bitcoin address vary. In as early as May 2016, the alleged Phantom Squad tried to get to Bitcoins with such emails. Their demand for protection money in the amount of 0.2 Bitcoin at the time is once again the same amount in the current message.
FORWARD THIS MAIL TO WHOEVER IS IMORTANT IN YOUR COMPANY AND CAN MAKE DECISION!
We are Phantom Squad
Your network will be DDoS-ed starting [date] if you don't pay protection fee – 0,2 Bitcoins @ [Bitcoin Address].
If you don't pay by [date], attack will start, yours service going down permanently price to stop will increase to 20 BTC and will go up 10 BTC for every day of attack.
This is not a joke.
Why the perpetrators in the current wave of extortion dispensed with the second part of the message, which was intended to increase the fear with the threat of 1-Tbps attacks, is unclear.
Our attacks are extremely powerful - sometimes over 1 Tbps per second. And we pass CloudFlare and others remote protections! So, no cheap protection will help.
Prevent it all with just 0.2 BTC @ [Bitcoin Address].
Do not reply, we will not read. Pay and we will know its you. AND YOU WILL NEVER AGAIN HEAR FROM US!
Bitcoin is anonymous, nobody will ever know you cooperated.
Probability of DDoS attacks by Phantom Squad rather low
The LSOC currently has no indications that any attacks by the alleged Phantom Squad ever came to pass in protection rackets. There is a high probability that the perpetrators will never be heard from again after September 30. This was the case as well with the DDoS extortion by the Meridian Collective, Team Xball, und Collective Amadeus, who attempted to intimidate German companies in June 2017.
Stay updated on current DDoS reports, warnings, and news about IT security, cybercrime and DDoS protection.
Follow Link11 on Twitter
https://t.co/a0lf7SPB37 Want to see more interesting facts, data and insights from the Cyber- & DDoS Attack threats…
7 Retweets 7Read More
❗ ️Warning: New wave of ransom DDoS attacks by Fancy Lazarus! Are you also affected? Don't worry, there are things…
3 Retweets 3Read More
Electronic Arts has suffered a big data breach resulting in hackers getting away with important source code for gam…
1 Retweets 1Read More
https://t.co/HqsAkp4Wk2 Are you passionate/curious about cybersecurity? Subscribe to our monthly Newsletter and sta…
7 Retweets 4Read More
Proven and robust cyber security can have a positive impact on a company's credit rating - or damage it if the impl…
2 Retweets 2Read More
DDoS attacks are no longer just more persistent and larger, but also significantly more complex. Without proven IT…
10 Retweets 4Read More
Mexico closes lottery websites to people from abroad due to ransomware DDoS threats: Even…
8 Retweets 3Read More
National security expert warns of cyberattacks on Australia's critical infrastructure and expects threat to be "imm…
3 Retweets 0Read More
According to current figures, around 500,000 employees are being sought in the field of cyber security in the US:…
3 Retweets 2Read More