NEWS
NEWS
NEWS
Fake cyberattackers rake in over $100,000 with empty threats
It turns out you don’t even need to be a hacker to make a nice living from cybercrime. Instead, all you need to do is pretend to be one.
An enterprising extortionist appears to have stolen the identity of a notorious hacking group that came to attention late last year, using their ‘brand’ to extort cash from over a hundred companies by threatening them with Distributed Denial of Service (DDoS) attacks.
The scammer (or scammers) claim to be part of the Armada Collective, a group that carried out a series of DDoS attacks on webmail providers that refused to pay a ransom in Bitcoin last year. However, it’s believed that the group’s key members were arrested in January of this year, and the latest threats are from someone else using the group’s name for their own ends.
According to blog post by DDoS mitigation provider CloudFlare, over 100 companies have received emails from the “Armada Collective” demanding they pay a fee of between 10 and 50 Bitcoins in return for not being attacked.
“Our attacks are extremely powerful – sometimes over 1Tbps per second. And we pass CloudFlare and others’ remote protections! So, no cheap protection will help,” the email says.
The email threatens that the price will rise if companies don’t cough up soon. However, it seems no one was actually attacked by the ‘group’.
It’s an intriguing case because CloudFlare noticed the scammers were reusing the same Bitcoin address for each victim, which would make it impossible for them to know which companies had paid and which hadn’t. As a result, CloudFlare did some digging but failed to find evidence of a single DDoS attack being launched.
“In fact, because the extortion emails reuse Bitcoin addresses, there’s no way the Armada Collective can tell who has paid and who has not,” said Matthew Prince, CEO of CloudFlare. “In spite of that, the cybercrooks have collected hundreds of thousands of dollars in extortion payments.”
“While the actual members of the original Armada Collective appear locked up in a European jail, with little more than some Bitcoin addresses and an email account, some enterprising individuals are drafting off the group’s original name, sowing fear, and collecting hundreds of thousands of extorted dollars.”
Prince warned there are some groups still out there which can and do carry out attacks if a ransom isn’t paid, but the “Armada Collective” isn’t one of them. So if you do happen to receive any threatening emails from them, you can probably save yourself a few dollars by ignoring it.
Photo Credit: Koen Cobbaert via Compfight cc
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
