Unlike typical attacks, in which the UDP packets sent to the target contain random data, this group of hackers is leaving ransom messages in the packets.
The group has an unusual demand for how the ransom is paid: Monero, 50 Monero to be exact. That is a total of $17,000, to be paid to a Monero address. What is more alarming is that the group has not explicitly told victims that the attacks will stop upon payment; it only implies that they will. A repeat attack remains possible unless security is tightened.
The first RDoS attack happened in 2015. Initially called DDoS for Bitcoin, the name was inspired by the hacker group DD4BTC, which started all of this.
Their actions inspired others even after the group was arrested. Groups such as Armada Collective and XMR Squad were a few that stood out; others would try to copy better-known groups such as Anonymous or LulzSec.
This form of hacking is now called Ransom DDoS (RDoS) and has become quite the go-to among online hacker groups.
Previously, in such cases, hackers never had enough resources to pull off such ransom attacks and be taken seriously. That has changed with Memcached-based DDoS, because the method of operation is different.
According to Daniel Smith, a Radware security researcher, paying the Monero ransom will not help companies at all.
That is due to the nature of the attack. There will always be data out for the taking and hackers willing to take it. Paying the ransom now will set a precedent for other companies and hacker groups to do the same.
The circumstances of the ransom request add to the victims’ plight. The delivery address is the same for all targets. Authorities are claiming that the attackers will not be able to tell which companies have paid the ransom request and which have not. This is being called a widespread attack that is simply casting bait, in the hope that someone ends up paying the ransom money.