An Old Crime in New Clothes: Hackers Demanding Bitcoin Ransom

The threat of blackmail never really goes away. It’s just now the bad guys want their anonymous payments in bitcoin (BTC).

In a Distributed Denial of Service, or DDoS, attack hackers bombard a website with so much traffic from multiple sources the site can’t function. To make the problem go away, hackers are demanding ransom in cryptocurrencies, which make the payments easier for them to get.

“It’s really easy to send money now through anonymous means instantaneously,” Barrett Lyon, vice president of DDoS Defense at Neustar, tells ThirtyK. “It’s the perfect enabler for this kind of thing.”

Attacks will only get worse thanks to the internet of things. Your best defense? Harden your firewalls and plug network access holes.

He says Neustar started to see the DDoS/bitcoin attacks pop up about a year ago. The demands aren’t that exorbitant – just a couple of bitcoins. But at the cryptocurrency’s current value, that amounts to about $13,580.

The most common targets are businesses operating in real time such as gambling sites that take bets on horse races. “That horse race is going to happen and people need to place their bets,” Lyon says.

Gold and Western Union

Starting around 1999, Lyon says he saw attackers shutting down sites through DDoS attacks and then using anonymous websites such as e-gold.com, which used gold as its currency, to demand payment. In 2007, e-gold.com’s owners were indicted for violating money-laundering regulations. Eventually the service shut down.

For a short time, Lyon says, attackers tried to run the same DDoS extortions by demanding money via Western Union. However, Western Union’s transfers can be easily tracked and the company has physical locations, so it was easy for law enforcement to “set up people outside of Western Union offices and arrest patsies that were picking up the money,” Lyon says.

Fuel for Extortion

This recent spate of DDoS attacks isn’t the first way bitcoin has been used in high-tech extortion. A team at the University of Padua in Italy found ransomware attacks demanding bitcoin as far back as 2013. Ransomware is a type of malware that infects victims’ computers and restricts access to files until the victims pay up.

Also, July 2017, hackers threatened HBO saying they’d release 1.5 terabytes of stolen data, including unaired episodes of the show “Game of Thrones,” unless they were paid $6 million worth of bitcoin. The U.S. Department of Justice later charged an Iranian national with the crime.

The IoT Entryway 

Lyon says the DDoS/bitcoin attacks will only get worse because of the growth in the internet of things. “With IoT you have a lot more devices on the internet, and with more devices you have more diverse operating systems, which means there’s a lot more things to hack,” he adds.

The best defense? Protect your website and business against successful DDoS attacks before they start. That means such things as using an antivirus program, strengthening your network’s firewall and changing your network’s configurations to block the holes in the system.