DD4BC: extortion of Bitcoins by hackers

Security researchers report a rising number of DD4BC attacks, involving one or more hackers whose speciality is the extortion of Bitcoins via Distributed Denial of Service (DDoS) attacks.

DD4BC, an acronym meaning “DDoS for Bitcoins”, appeared in the summer of 2014. Its initial targets were online gaming sites, whereas today’s attacks are essentially aimed at financial institutions and are not restricted to a particular country.

Several hundred attacks have taken place since June 2015. The procedure used by the hacker is always the same:

  • The victim receives an e-mail stating that he or she must pay the hackers a sum in Bitcoins ranging from 200 to 22,000 euros.
  • An initial low-level DDoS attack is launched simultaneously against the victim’s website, to demonstrate the intention and capability of DD4BC.
  • If the victim does not pay, larger-scale attacks are launched.
  • DD4BC boasts on social networks in order to humiliate the victims whose websites did not withstand the attack.

The hackers deploy familiar DDoS methods, targeting the usual ports and protocols. An attack averages some 15 GB/sec and can reach 56 GB/sec. Although the mode of extortion is innovative, the technique used is not sophisticated: any individual with access to cybercrime forums can purchase DDoS attacks of a similar power level there, against targets of their choice.

Attacks using this methodology may multiply and become the preferred technique of cybercriminals other than the DD4BC hackers, for at least three reasons: the organisations targeted sometimes have network architectures and procedures that are ill-prepared to withstand DDoS attacks; such attacks can very easily be launched, even by novices; and, lastly, Bitcoins offer the ability to collect ransom money in an anonymous manner.