Hackers Place Monero Ransom Demands Inside DDoS Traffic

After several months of calm, DDoS hackers became active again and began to destroy websites. Recently, attackers have carried out a number of attacks using a new method of overloading victims' servers with fake traffic. To make attacks more powerful, hackers began using servers that help speed up sites - CDN servers for distributed caching in RAM.

The largest attack of this kind was repelled on February 28 by Github, a web service for hosting IT projects and their joint development. The power of the attack reached 1.35 TB of data per second, and in recent attacks, attackers began adding ransom demands to the array of attack traffic.

Such demands are not new, but previously ransomware only used email campaigns; demands in incoming traffic are another unpleasant surprise. In fact, the attack includes phishing, elements of a DDoS attack, and extortion. 

Security experts at Akamai, which helped fend off the Github attack, told Fortune that the hackers were demanding a ransom in Monero (XMR). It looked like this: “Pay_50_XMR_to the address” and the address of the digital wallet.

As Lisa Beagle, senior manager of the Akamai security service, comments on the situation, this is the first time the team has encountered such an attack.

Akamai specialists do not know whether any of the victims transferred currency to the ransomware account or not. Since Monero requires ransom, it is more difficult to monitor transactions. Moreover, it is more difficult even for the hackers themselves to understand which of the victims paid them. 

Paying the required ransom is not the best idea, since this does not guarantee the emergence of new lovers of easy money and does not at all guarantee that the attackers, having received theirs, will stop attacks.

Akamai experts give disappointing forecasts and claim that the attacks will not stop.

According to http://fortune.com