Warning about the DDoS Extorters RedDoor in Germany, Austria and Switzerland
Current circumstances lead the DDoS protection specialist Link11 to warn about DDoS extortions by the group “RedDoor”. Since the beginning of the week the extorters are pressuring the e-commerce industry. In addition Link11 has first leads to new activity from Armada Collective in Germany.
Frankfurt, March 24th 2016 – A new wave of DDoS extortions is threatening online vendors in Germany. This time cybercriminals carrying the alias “RedDoor” are demanding a ransom of 3 Bitcoins from all shops they contact. Link11 protects various businesses and projects that have become victim of the extortion mailing. Ever since March 23rd the Link11 Security Operation Center (LSOC) is cooperating with affected e-commerce providers and the authorities to support the investigations.
RedDoor is operating with already known patterns of DDoS extortions: The criminals send out emails using an anonymous email service in which they demand a ransom of 3 Bitcoins. The affected businesses only have 24 hours to wire the payment onto an individual Bitcoin account.
RedDoor threatens with a large volume DDoS attack in case the blackmailed company decides not to pay. The extorters threaten to use UDP Floods with a bandwidth from 400 to 500 Gbps. Additionally the ransom jumps up to 10 Bitcoins and will rise by the hour.
The extortion mails are similar to those of known extortions by DD4BC. But the style of operation resembles the work of Armada Collection. So it can be assumed that RedDoor is a copycat of these internationally active extortion groups.
The internationally operating DDoS extorters Armada Collective have re-emerged in Switzerland on March 9th. This time they are focusing on financial businesses and online shops. According to first information received by the LSOC Armada Collective has expanded their activities to Germany on March 24th as well.
RedDoor is currently focusing primarily on German e-commerce businesses. The Link11 Security Operation Center (LSOC) expects these extortions to spread out to other industries as well.
In case the attackers initiate their volume attacks Link11 will immediately defend these and protect the attacked businesses. The LSOC will additionally focus on analyzing the attack data.
Frequent updates on the state of DDoS security from Link11
DDoS extorters are striking more frequently. Businesses should always keep up to date on the DDoS threat level for their industry. Currently the website www.ddos-info.de offers information on attacks and extortion activities in German speaking countries such as Germany, Austria and Switzerland. Additionally the website offers a free warning service on extortion waves as well as threatening attacks.
Stay updated on current DDoS reports, warnings, and news about IT security, cybercrime and DDoS protection.
Follow Link11 on Twitter
A simple visualization of how the Underground Cybercrime Economy cashes in on data and DDoS attacks. To learn more,…
9 Retweets 8Read More
How to protect your business and website from DDoS attacks during the biggest sales period of the year:…
5 Retweets 6Read More
What are DDoS Attacks and how do cybercriminals use them as weapons to shut down IT infrastructures? And more impor…
7 Retweets 5Read More
This is why (and how) you should block bots on your business website (includes a list of most common bot attacks):…
13 Retweets 9Read More
What is Web Application Firewall, why do you need it and how does it protect your company? Learn more by reading ou…
3 Retweets 5Read More
@RandyLoss Hah, you weren't the only one saying that.
0 Retweets 0
@vxtrade Your company might ;)
0 Retweets 1
@deckhand25 He is not, but close enough! ;)
0 Retweets 1
What would you do if you received a 180 000€ DDoS extortion email warning to exceed your web infrastructure defense…
1 Retweets 4Read More
Get a detailed and up to date overview of the global DDoS threat landscape by taking a look at our DDoS Report from…
6 Retweets 5Read More
@SecurityParalok Link11 DDoS Protection can help!
0 Retweets 0