Bitcoin Extortion Group DD4BC Prompts Warning from Swiss Government

shutterstock_184555031-scaled
8 May 2015

Extortionist group DD4BC appears to be connected to a new wave of distributed denial of service (DDoS) attacks against organizations in Switzerland, New Zealand and Australia.

With the new attacks, the group is seeking 25 BTC from affected parties in exchange for relinquishing the flood of inbound data is issues that renders recipient websites inaccessible.

Most recently, DD4BC was named in an 8th May warning published by the Swiss Governmental Computer Emergency Response Team (GovCERT), a division of MELANI, a national agency focused on cybersecurity issues.

The warning read:

“In the past days MELANI / GovCERT.ch has received several requests regarding a distributed denial of service (DDoS) extortion campaign related to ‘DD4BC’.”

According to the New Zealand government, the extortion attempts appear to begin with a short DDoS attack to demonstrate the potential impact after the ransom demand has been issued.

DD4BC has been tied to past attacks on digital currency businesses and websites, including extortion attempts against a number of well-known mining pool operators.

Swiss incidents

GovCERT said that it had received reports from “several high profile targets”, stating that a number of organizations had been affected as a result of the wave of DDoS attacks.

According to the agency, recent DD4BC activity has been rising, with the new attacks starting at the beginning of May.

The advisory explained:

“While these attacks have targeted foreign organisations in the past months, we have seen an increase of activity of DD4BC in Europe recently. Since earlier this week, the DD4BC Team expanded their operation to Switzerland.”

The agency advised those impacted by the attacks not to pay the ransoms, and instead file a police report and contact their Internet service providers for additional mitigation support.

New Zealand connection

News of the New Zealand attacks surfaced earlier this week, when the New Zealand National Cyber Security Centre (NCSC) released a warning about DDoS attacks on local organizations.

The notice said that an investigation is underway, though the agency did not specify the operating name of those behind the attacks. National security advisor for the New Zealand government Daria Brankin declined to comment when reached.

Cybersecurity nonprofit New Zealand Internet Task Force chairman Barry Brailey, however, confirmed the connection between the group and the recent DDoS attacks in that country.

The group issued a notice about the DDoS threats on 7th May.

“Yes [the series of attacks] appears to be linked to the group/moniker ‘DD4BC’,” Brailey told CoinDesk.

History of attacks

A string of incidents involving DD4BC last year culminated with the creation of a 100 BTC bounty after the group targeted bitcoin exchange and wallet service Bitalo.

This amount swelled to 110 BTC following a contribution by AntPool operator Bitmain during the mining pool attacks.

Other companies impacted by the group in the past year include BitQuick, BitBay, Expresscoin and CoinTelegraph.

Image via Shutterstock

Read more

Crime News DDoS DD4BC