Distributed denial of service attacks, otherwise known as DDoS, have now added a cryptocurrency mining twist to the scam, requiring victims to pay the ransom.
According to a report in Fortune, Akamai, the internet services company, was looking into the increase in DDoS attacks when it noticed that within the malicious traffic were ransom notes. In one example, a note demanded 50 XMR, or Monero, which is a cryptocurrency. The report noted that as of March 3, this amount of Monero was worth around $16,000.
Fortune noted that Monero has become an attractive cryptocurrency for the bad guys because it is harder to trace than bitcoin. While Monero and bitcoin both use public ledgers for recording and tracking transactions, Monero hides the sender, recipient and size of the transaction. The anonymity associated with Monero also makes it harder for the hackers to know which firms paid and which didn’t.
"It’s actually like a DDoS attack with a phishing attack with an extortion attack all rolled into one," said Chad Seaman, a senior engineer with Akamai's security intelligence response team.
According to the report, it's not unusual for DDoS attacks to also have a ransom component to them. In those cases, the demands are usually made through an email or other types of communications after the attack kicks off, in essence killing two birds with one stone. As Akamai pointed out, when the ransom notes are sent via email, spam protection may prevent the victims from seeing them. If the ransom note is in the DDoS code, it’s a given that the security analysts at the targeted firm will see the ransom.