NZX, PayPal and Other Financial Services Fall Prey to DDoS-for-Bitcoin Attacks

Recently, a criminal gang has started conducting DDoS attacks against NZX, PayPal and other financial services.

Aug 27, 2020 · 6 min read

DDoS-for-Bitcoin Attacks

Recently, a criminal gang has started conducting DDoS attacks against some of the world’s largest financial service providers. The gang demands a ransom in Bitcoin from its potential victims in exchange for stopping the attacks. A few days ago, the DDoS blackmailers attacked financial services, specifically money transfer services, including PayPal, MoneyGram, Yes Bank India, Braintree, and Venmo.

According to a report published on August 17, the gang behind these attacks targeting PayPal and other financial services appears to be known as “Akamai”. The DDoS blackmailers also use the names Armada Collective and Fancy Bear, which are borrowed from some of the most famous hacking groups. The gang sends e-mails to target companies and threatens them with DDoS attacks, which can have high financial costs for the affected businesses. To avoid the attacks, the victims are told to pay a massive ransom in Bitcoin. Such attacks are called “DDoS extortions” or “DDoS-for-Bitcoin”. They first appeared in the summer of 2016.

NZX Halts its Trading owing to DDoS Attacks

Trading was halted on New Zealand’s stock exchange on Thursday for the third day in a row. New Zealand’s Exchange stated that trading in its cash markets closed at around 11:10 a.m. local time due to network connectivity issues stemming from this week’s cyber attacks. It then decided not to re-open the NZX Main Board, the NZX Debt Market and Fonterra Shareholders’ Market for the rest of the trading day. It also closed the NZX Derivatives Market. On Tuesday, NZX said it had experienced a DDoS (distributed denial of service) attack from overseas via its network service provider. The attack disrupted the final hour of trading in its cash markets. Its websites and the market announcement platform were also affected.

Unlike other DDoS blackmailers, who often target their victims’ public sites, this new team has frequently targeted backend infrastructure, API endpoints, and DNS servers. The team has also displayed its skill and sophistication by constantly changing the protocols it abuses for DDoS attacks, making it challenging for defenders to predict and prepare for the next attack. This did not give companies time to develop the protections required to withstand such attacks.

In conclusion, companies targeted by DDoS extortionists, such as PayPal and other financial services, must be encouraged not to pay the demanded ransom. Instead, they should defend their services as much as possible to avoid falling victim to such attacks.
