Security firm Radware uncovered the threat actors’ campaign named ‘distributed denial-of-service’ (DDoS). This campaign was launched to target the same set of victims from September 2020 after the companies failed to pay the initial ransom between five and ten bitcoins ($160,000 and $320,000) as demanded by the threat actors.
According to the reports, an anonymous group of hackers attacked the victims in August or September 2020 for the first time. In December 2020 and January, threat actors sent additional ransom extortion emails to the organizations after the victims failed to pay the initial ransom. Threat actors attacked the organizations with a DDoS strike immediately after the organizations received the second set of intimidating messages.
The latest DDoS strike surpassed 200Gbps and continued for more than nine hours without any disruption. As per the reports of Radware, the latest ransom note reads, “maybe you forgot us, but we didn’t forget you. We were busy working on more profitable projects, but now we are back”.
Radware security experts are convinced that the series of attacks were managed by the same ransomware group due to the identical infrastructure in the strike and the messages received from the ransomware group. Also, the organizations that received the latest letters were not leaked in the media last year therefore only the original ransomware group would have known that the companies have been targeted last year.
Radware security experts have noticed the change in the threat actor’s strategy, in previous strikes threat actors targeted the organizations for few weeks and then passed on. “The 2020-2021 global ransom DDoS campaign represents a strategic shift from these tactics. DDoS extortion has now become an integral part of the threat landscape for organizations across nearly every industry since the middle of 2020”, the report explained.
This group of threat actors does not hold back in returning to the targets that originally ignored their warnings, this is the massive fundamental change in the tactics of threat actors. According to Radware, the companies should be prepared for another letter and strike in the upcoming months.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.
