These attacks are characterized by the attacker initiating a demonstration DDoS attack against selected elements of the targeted organization’s online services/application delivery infrastructure, followed by an emailed extortion demand for payment via Bitcoin cryptocurrency. Broadband access ISPs, healthcare providers, insurance providers, personal care product manufacturers, regional energy providers, and IT-related vendors have also been targeted. Starting in mid-August 2020, a relatively prolific threat actor initiated a global campaign of DDoS extortion attacks largely directed towards regional financial and travel-industry targets such as regional banks, stock exchanges, travel agencies, currency exchanges, and, in some cases, their upstream internet transit providers.

Updated details of extortion demands to include the use of public-facing website contact form

Recipients may share TLP: WHITE information without restriction, subject only to standard copyright rules.

Contributors: Alexander Cockburn, Carl Neenan, Gareth Tomlinson, Mary Hartzell, Shawn Razavi, Nathan Lux, Jon Belanger

Changes from previous version:

Discussed new attacker behavior of launching second round of attacks against previously targeted organizations that did not respond to initial extortion demands.

Added memcached reflection/amplification to list of observed attack vectors

This blog is an update to the one we originally published on Septemhere