A hacker group named DD4BC, active since September 2014, has been implicated in over 141 DDOS attacks for ransom.
The team, identified and analyzed by Akamai's Prolexic Security Engineering and Response Team (PLXsert), has been very busy over the past few months, making numerous DDOS attacks against Akamai customers, demanding Bitcoins as a ransom to stop their attacks.
Most of the attacks targeted Akamai customers in the financial sector, where the chances of extracting a Bitcoin payment are higher than in other industries.
This is due to the fact that financial companies tend to have bigger losses per minute of their downtime compared to other players in the health, tourism, telecommunication, or other fields.
According to Akamai's report, most of the attacks are carried out over protocols such as NTP (Network Time Protocol), SSDP (Simple Service Discovery Protocol), UDP (User Datagram Protocol), TCP (Transmission Control Protocol), ICMP (Internet Control Message Protocol), DNS (Domain Name System), and SNMP (Simple Network Management Protocol).
In addition, researchers noted that DD4BC used a vulnerability in the WordPress pingback feature to launch DDOS attacks from various WP sites on the Web.
The DDOS attacks do not reach extremely high volumes, generally averaging 13.34 Gbps, with a maximum of 56 Gbps.
The usual methodology of an attack by the DD4BC team is to first send an email in which the group introduces itself by referring to its previous activities and then demands Bitcoins as a ransom from the company.
The ransom usually ranges from 25 to 100 Bitcoin, which is around 5,350 to 21,400 euros.
If the extorted companies do not send the ransom, then in addition to launching the DDOS attack, DD4BC threatens the company with the disclosure of data (usually on social media) that can destroy the company's reputation.
Akamai did not say whether any companies ended up paying the ransom, but said it blocked at least 75 of the 141 DDOS attacks recorded through its servers.
Since the report includes only Akamai server data, the actual number of DDOS attacks is likely to be several times higher.