We continue to receive reports about DDoS extortion e-mails. These e-mails are essentially spammed to the owners of domains based on whois records. They claim to originate from well-known hacker groups like "Anonymous" that have been known to launch DDoS attacks in the past, and they use the notoriety of the group's name to make the threat sound more plausible. But there is no evidence that these threats originate from these groups, and so far we have not seen a single case of a DDoS being launched after a victim received these e-mails. So no reason to pay :)

Here is an example of an e-mail (I anonymized some of the details like the bitcoin address and the domain name):
This particular e-mail was rather cheap. Other e-mails asked for up to 10 BTC. There is absolutely no reason to pay any of these ransoms. But if you receive an e-mail like this, there are a couple of things you can do:
And please forward any e-mails like this to us. It would be nice to get a few more samples to look for any patterns. Like I said above, this isn't new, but people still appear to pay up in response to these fake threats.
Johannes, ISC Handler, Jun 23rd 2017
Received by US customer in retail industry. Google revealed a user in Poland reporting receiving the same e-mail.
We are Anonymous. If you don't pay 100 Bitcoin at 1F1rU9SY3uNXZPzXy5uYeuzao2pt1S2gaU by July 17th your network is going under heavy DDoS for 7 days. There is no protection for 1 Tbps Mirai attack. We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us.
Anonymous, Jul 11th 2017
It reminds me of the DD4BC group that targeted Europe in 2015.
Anonymous, Jul 18th 2017