How Cloudflare CEO Matthew Prince unintentionally Boosts DDoS Ransom Mails
Just recently the US DDoS protection vendor Cloudflare has been criticized for protecting the sites of DDoS extorters. Now a new good meant blog post flooding the internet has caused copycats hoping for a fast buck to blackmail companies as well.
Frankfurt, April 29th 2016 – On April 25th 2016 Cloudflare’s CEO Matthew Prince issued a blog post about the apparent DDoS extorters Armada Collective in which he called their threats empty: Without attacking the extorters ran away with 100.000 USD.
Link11 has information that new extorters have emerged which have been influenced by the news of these ‘empty threats’ that has taken over the internet by storm. Now end of this week the first large e-commerce businesses in Germany with a sales volume of a triple-figure million value have received an extortion mail in the name of the well-known hacker group Lizard Squad. Reports show that this group has been active in the UK as well and sent extortion mails to businesses there. Here is a short excerpt from one of these mails:
"We are the Lizard Squad and we have chosen your website/network as target for our next DDoS attack. Please perform a google search for "Lizard Squad DDoS" to have a look at some of our previous "work". All of your servers will be subject to a DDoS attack starting at Tuesday the 3rd of May. ... We are willing to refrain from attacking your servers for a small fee. The current fee is 5 Bitcoins (BTC). The fee will increase by 5 Bitcoins for each day that has passed without payment."
Onur Cengiz, Head of LSOC:
“It is very unusual for Lizard Squad to sent out these kind of extortion mails. That is why we began with our research and have come to a surprising conclusion: The extortion mails have not been sent using anonymous mailing services. They were sent from a domain that has been only registered this week, or more precisely 2 days after the Cloudflare blog post, by a person located in Germany. This is contrary to anything we know about the professional hacker collective Lizard Squad and distinctively indicates the actions of copycats. In the aftermath of the blog posting of Matthew Prince, who said that the new Armada Collective was nothing more than empty threats, these new extorters looked for a name that stands for one of the most famous and powerful groups the media has reported on."
Copycats have been encouraged by the Cloudflare news to blackmail companies as well believing to easily receive money by just sending out ransom mails. Nevertheless despite of recent news on empty threats every extortion mail has to be taken more than serious. Every affected business should inform the authorities and initiate precautions immediately.
Stay updated on current DDoS reports, warnings, and news about IT security, cybercrime and DDoS protection.
Follow Link11 on Twitter
How to protect your business and website from DDoS attacks during the biggest sales period of the year:…
5 Retweets 6Read More
What are DDoS Attacks and how do cybercriminals use them as weapons to shut down IT infrastructures? And more impor…
7 Retweets 5Read More
This is why (and how) you should block bots on your business website (includes a list of most common bot attacks):…
13 Retweets 9Read More
What is Web Application Firewall, why do you need it and how does it protect your company? Learn more by reading ou…
3 Retweets 5Read More
@RandyLoss Hah, you weren't the only one saying that.
0 Retweets 0
@vxtrade Your company might ;)
0 Retweets 1
@deckhand25 He is not, but close enough! ;)
0 Retweets 1
What would you do if you received a 180 000€ DDoS extortion email warning to exceed your web infrastructure defense…
1 Retweets 4Read More
Get a detailed and up to date overview of the global DDoS threat landscape by taking a look at our DDoS Report from…
6 Retweets 5Read More
@SecurityParalok Link11 DDoS Protection can help!
0 Retweets 0
@QAValley Thank you for sharing, great piece. For the fastest and reliable German made DDoS Protection, get in touch!
0 Retweets 0