Cyberattackers bury ransom demands in recent DDoS attacks
One of the most common, and irritating, cyber attacks — the distributed-denial-of-service (or DDoS) — now has the potential to grow with a twist of cryptocurrency mining. Security researchers with the internet services company Akamai have noticed something unusual as they've responded to a spate of recent DDoS attacks. Buried beneath the traffic deluge designed to grind a target's web traffic to a halt are ransom notes.
"It’s actually like a DDoS strike with a phishing attack with an extortion charge all rolled into one," said Chad Seaman, a senior engineer with Akamai's security intelligence acknowledgment team, in an interview with Fortune. "When we saw it we moved like, huh, clever bastards."
One note shared with Fortune, buried in an otherwise indecipherable string of code, makes a demand for "50 XMR," or Monero. As of March 3, 2018, that amount of Monero is worth roughly $18,000.
It's not uncommon for DDoS attacks to come with ransom demands of this sort, though ordinarily such requests are relayed via email or some other means of communication after the offense has been launched. This is more of a "two birds, one stone" approach, linking the two together.
The reasoning is simple. As Akamai told Fortune, ransom notes sent via email often go unseen due to spam protection. Inserting the letter into DDoS code ensures that the target's security analysts will see it as they investigate the attack data.
Monero is more attractive to cyberattackers than a cryptocurrency like Bitcoin because it's more difficult to trace. While both rely on public ledgers for recording and tracking transactions, Monero ledgers hide the sender, recipient, and amount of each transaction.
The inherent anonymity of Monero also means the attackers themselves don't necessarily know who's paid up or who hasn't. That fact alone should discourage any targeted party from paying up.