Europol said Tuesday that it has arrested a “main target” and detained another suspect from an online extortion group that threatened to boot companies offline if they didn’t pay up.
The group is known as DD4BC, which stands for Distributed Denial of Service for Bitcoin, after the cyberattack of that name, which knocks websites offline by overwhelming them with a flood of traffic. The attackers sent ransom notes with their threats, requesting varying sums in bitcoin.
Read: FBI says hackers shake down big banks, threaten to shut sites if they don’t pay up
Companies that do business online lose money each minute their websites are nonfunctional — as much as $100,000 an hour for financial companies, according to Neustar, a Sterling, Va.-based information services and analytics company.
Europol, the European Union’s police agency, said in a press release that DD4BC has run these extortion campaigns since mid-2014, targeting the financial, online gaming and entertainment sectors, as well as high-profile companies.
The cyber gang launched at least 141 attacks as of September 2014, according to Akamai, a Cambridge, Mass.-based company that provides protection against such threats. The bitcoin ransoms vary, and Akamai found requests starting from 25 bitcoin (at the time of this writing, the equivalent of about $11,200).
Europol said police tracked down “key members of the organised network” in Bosnia and Herzegovina and seized an “extensive amount” of evidence.
Law enforcement agencies worldwide, including the Secret Service and the Federal Bureau of Investigation, assisted in the investigation called Operation Pleiades, Europol said. The Secret Service and FBI didn’t immediately return a request for comment.