Tuesday, January 26, 11:21
DDoS blackmailers target PayPal and other financial services!

Recently, a criminal gang has started conducting DDoS attacks against some of the largest financial service providers in the world, demanding a ransom in Bitcoin from potential victims in exchange for stopping the attacks. A few days ago, the DDoS blackmailers attacked financial services, specifically money transfer services: PayPal, MoneyGram, YesBank India, Braintree and Venmo. The New Zealand Stock Exchange (NZX), which stopped trading for the third day in a row, is also among the gang's victims.

According to a report published on August 17, the gang behind these attacks targeting PayPal and other financial services appears to be what is known as "Akamai". In addition, the DDoS blackmailers use names such as "Armada Collective" and "Fancy Bear", borrowed from the most famous hacking groups, in e-mails sent to target companies that threaten them with DDoS attacks, which can have significant financial costs for the affected businesses. According to the threats, the attacks can be avoided if the victims agree to pay a huge ransom in Bitcoin.

These types of attacks are known as "DDoS extortion" or "DDoS-for-Bitcoin" and were first observed in the summer of 2016. In recent years, such attacks have become more frequent, with DDoS blackmailers attacking their targets and demanding large payments in exchange for not causing them financial or other harm. However, the group that seems to be active this month is one of the most dangerous to have been revealed since this trend started in 2016.

On August 24, Akamai reportedly launched complex DDoS attacks that, in some cases, reached 200 Gb/sec, while some of the attacks that started this week have reached 50 to 60 Gb/sec. It therefore seems that this is a team with considerable skill in the field of DDoS attacks.

Unlike other DDoS blackmailers, who often target their victims' public websites, this new team has repeatedly targeted backend infrastructure, API endpoints and DNS servers, which explains why some of the DDoS attacks that took place this week led to severe and prolonged outages at some of their targets.

For example, in the case of NZX, the team has repeatedly targeted Spark, the stock exchange's hosting provider, resulting in outages for the provider's other clients as well.

In addition, the team showed its skill and sophistication by frequently changing the protocols it abused for DDoS attacks, making it difficult for defenders to predict how the next attack will take place and to prepare the protections required to withstand it.

Finally, companies targeted by DDoS extortionists, such as PayPal and other financial services, are advised not to pay the ransom they are asked for, but instead to secure their services as much as possible to avoid falling victim to such attacks.

