Over the past several weeks, an unknown hack group has been carrying out ransomware DDoS attacks against major financial service providers. Hackers demand from victims to pay ransom in bitcoins, and otherwise continue attacks.
According to the publication ZDNet, this week such attacks have already affected MoneyGram money transfer service, Indian YesBank, PayPal, Braintree and Venmo… Moreover, cybercriminals also fell victim to New Zealand Stock Exchange, which due to attacks was forced to suspend trading for three days in a row.
The attacks appear to be the very same hack group that Akamai had warned about earlier this month. Let me remind you that then experts wrote about a new wave of ransomware attacks, during which hackers impersonate such well-known hacker collectives as Fancy Bear and Armada Collective.
In an updated version of its report, Akamai confirmed that the group is launching sophisticated DDoS attacks against its targets, which in some cases reach nearly 200 Gbps. The researchers note that the group demonstrates sophistication and frequently changes the protocols it uses to attack.
ZDNet's own source, who wished to remain anonymous, also confirmed that the hackers behind the attacks have serious skills, with some of the attacks reaching 50-60 Gbps this week.
While DDoS ransomware usually target the public websites of their victims, this grouping more often attacks internal infrastructure, API endpoints, and DNS servers of companies, which is why the new wave of attacks has already led to very serious consequences and lengthy outages. For example, in the case of the New Zealand Stock Exchange, hackers targeted its hosting provider, Spark, which ultimately led to disruptions. other clients…