Bitcoin Ransom

Launches an initial DDoS attack (ranging from a few minutes to a few hours) to prove the hacker is able to compromise the website of the victim.

Demands payment via Bitcoin while suggesting they are actually helping the site by pointing out its vulnerability to DDoS.

Threatens more virulent attacks in the future.

Threatens a higher ransom as the attacks progress (pay up now or pay more later).

Unprotected sites can be taken down by these attacks. A recent study by Arbor Networks concluded that a vast majority of DD4BC's actual attacks have been UDP amplification attacks, exploiting vulnerable UDP protocols such as NTP and SSDP. In the spectrum of cyber-attacks, UDP flooding via botnet is a relatively simple, blunt attack that overwhelms a network with unwanted UDP traffic. These attacks are not technically complex and are made easier with rented botnets, booters, and scripts.
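A defender can spot the NTP and SSDP reflection pattern described above in flow records, because reflected replies arrive as UDP from source port 123 or 1900, from many distinct hosts, at high volume. The sketch below is an added example, not HaltDos code; the flow tuple layout, the thresholds and the sample records are assumptions made for illustration.

```python
from collections import defaultdict

# Source ports of the reflected protocols named above (NTP, SSDP).
REFLECTOR_PORTS = {123: "NTP", 1900: "SSDP"}

def detect_amplification(flows, window=60, min_sources=3, min_bps=1_000_000):
    """Flag (window, victim, service) buckets that look like reflected UDP floods.

    flows: iterable of (ts, src_ip, src_port, dst_ip, proto, bytes) tuples.
    Thresholds are illustrative assumptions; tune them against your baseline.
    """
    buckets = defaultdict(lambda: {"bytes": 0, "sources": set()})
    for ts, src_ip, src_port, dst_ip, proto, nbytes in flows:
        # Reflected replies arrive as UDP *from* the service port.
        if proto != "udp" or src_port not in REFLECTOR_PORTS:
            continue
        key = (int(ts) // window * window, dst_ip, REFLECTOR_PORTS[src_port])
        buckets[key]["bytes"] += nbytes
        buckets[key]["sources"].add(src_ip)

    alerts = []
    for (start, victim, service), b in sorted(buckets.items()):
        bps = b["bytes"] * 8 / window
        # Many distinct reflectors plus high volume separates a flood from
        # a host's ordinary NTP sync or SSDP discovery traffic.
        if len(b["sources"]) >= min_sources and bps >= min_bps:
            alerts.append({"window_start": start, "victim": victim,
                           "service": service,
                           "reflectors": len(b["sources"]), "bps": bps})
    return alerts

# Constructed sample flow records (documentation address ranges), not real data.
SAMPLE_FLOWS = (
    [(1000 + i, f"198.51.100.{i}", 123, "203.0.113.10", "udp", 2_000_000)
     for i in range(1, 6)]                                        # reflected NTP
    + [(1005, "192.0.2.7", 123, "203.0.113.20", "udp", 90)]       # normal NTP reply
    + [(1010, "192.0.2.8", 1900, "203.0.113.20", "udp", 400)]     # normal SSDP reply
    + [(1012, "192.0.2.9", 443, "203.0.113.10", "tcp", 5_000_000)]  # unrelated TCP
)

if __name__ == "__main__":
    for alert in detect_amplification(SAMPLE_FLOWS):
        print(alert)
```

Only the host receiving large NTP replies from five distinct sources is flagged; the single small NTP and SSDP replies and the TCP flow are ignored.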

The typical pattern for the DD4BC gang is to launch DDoS attacks targeting layers 3 and 4, but if this does not have the desired effect, they may move to layer 7, with various types of loopback attacks using POST/GET requests. The initial attack typically ranges between 10-20GBps. This is rather massive, but often not even close to the real threat.

If a company fails to meet their requests, and if that company does not mitigate the attack through various anti-DDoS services, the group will typically move on after 24 hours of a sustained attack. But you should not count on this pattern to manage your cyber security tactics.

HaltDos adapts and blends in your network and requires minimum management

DDoS Protection
Automatic detection and mitigation of DDoS attacks to ensure your application stays online and always available.

Application Delivery
Having server load problems? Deliver content at lightning speed with our Application Delivery Controller.

DNS Firewall
Egress firewall for your enterprise network to prevent data exfiltration through malware.

SSL Proxy
TLS/SSL computation is expensive and can slow down your servers. Offload SSL connections from your servers with SSL Proxy.