A DDoS Gang is Extorting Businesses Posing as Russian Government Hackers (zdnet.com)
For the past week, a group of criminals has been launching DDoS attacks against companies in the financial sector and demanding ransom payments while posing as "Fancy Bear," the infamous hacking group associated with the Russian government, known for hacking the White House in 2014 and the DNC in 2016. From a report: The attacks, brought to ZDNet's attention by one of our readers, were confirmed today by Link11 and Radware, two companies that provide DDoS mitigation services and have documented similar "ransom denial-of-service" (RDOS) attacks in the past years. In an interview with ZDNet, Daniel Smith, Radware ERT researcher, said the attacks started last week and targeted the financial vertical. Smith said "the group is launching large scale, multi-vector demo DDoS attacks when sending victims the ransom letter."
A Link11 spokesperson said the same thing, adding that the purpose of these demo attacks is to serve as an initial warning and intimidation factor, to convince victims to pay the ransom demand. According to a copy of the ransom letter the group is sending victims, the fake Fancy Bear group is asking for payments of 2 bitcoin, which is about $15,000 at today's exchange rate.
Posing? (Score:2)
Why posing? Why not put their skills to work on the side?
Why Posing? (Score:2, Interesting)
Why posing?
Because with the current RUSSIA RUSSIA RUSSIA! paranoia in the US media and Democratic Party, it makes sense to mask themselves as Russian government operatives to further throw the scent off of investigators. There's a ready-made villain to deflect blame right now. They commit crimes. The Russians get the blame.
The only flaw in this is that Russia tends to be unforgiving of this kind of stuff, and their responses to it tend to be... direct, shall we say.
Re: (Score:3)
Or possibly real Russians creating fake posers as a diversion to hide behind?
Re: (Score:3)
The White House memo stating it had happened and there was a risk of it happening again might be considered "real evidence" and it was available to the public. Now, I suspect that based on your stance, you might not trust the Obama administration to be honest about this, but you would trust the Trump administration. Fortunately, this memo was released by the Trump administration.
Here it is: https://www.documentcloud.org/... [documentcloud.org]
Also the Stone case (Score:2)
The White House memo stating it had happened and there was a risk of it happening again might be considered "real evidence" and it was available to the public.
And Roger Stone asked for evidence [247sports.com] that the Russians hacked the DNC, since it bears on his case and what he's accused of doing.
Not only could the FBI *not* supply any evidence, the FBI never looked at the server. The FBI is relying on analysis done by [private company hired by DNC] CrowdStrike. John Podesta refused to let the FBI take the server, so there is also no real chain of custody.
Also of note:
In May, Stone submitted affidavits from two former intelligence officials who agreed that Russia was an unlikely source for the files, citing metadata, time stamps and even time zone data as evidence that the removal of DNC files may have originated in the United States.
Given the state of the media, fake news, and politics, the statement "Russians hacked the DNC" is entirely u
I think that... (Score:2)
if businesses are posing as Russian Government hackers then they deserve to be extorted.
Re: (Score:2)
if businesses are posing as Russian Government hackers then they deserve to be extorted.
Thank you.
I gritted my teeth when I read the headline, but such is the state of journalism these days.
Don't tweak the bear. (Score:2)
The REAL Fancy Bear isn't going to like their "good" name being associated with amateurs.
I have a feeling there's going to be a few disappearances among the script kiddie community over this.
if everyone is fancy bear nobody is (Score:2)
Why...? (Score:2)
Good for Them (Score:2)
Businesses Posing as Russian Government Hackers ought to be DDoSed as a public service. Kinetic weapons would be better.
Beware Firing Spy vs Spy Hackers (Score:2)
Governments need to keep in mind the future of Spy vs Spy hackers, they know exactly how to break the law, they have been trained to break the law and they routinely as a part of their employment broke the law. When they are fired, you can pretty well guarantee they will break the law, as it was their chosen profession. I'll bet a whole lot of the most criminal hackers are ex, spy vs spy, either on government salary or contractors. Script kiddies are script kiddies and are there to provide cover for the rea
CIA track them down and kill them (Score:2)