European law enforcement has arrested and detained two alleged members of DD4BC, a hacking group linked to DDoS attacks and Bitcoin extortion.
Europol says the investigation, under the name Operation Pleiades, led to the arrest of one main target and the detention of another suspect.
On Tuesday, the European Union’s law enforcement agency revealed that investigators from Europol, Bosnia and Herzegovina, Germany, France, Japan, Romania, Switzerland, the UK and the US contributed to tracking down the hacking group.
DD4BC — otherwise known as Distributed denial-of-service for Bitcoin — is a group dedicated to extorting virtual currency from companies. Emerging in the middle of 2014, DD4BC used the threat of DDoS attacks and held companies to ransom unless they agreed to pay a fee in Bitcoin.
Europol says that law enforcement has identified “key figures” in DD4BC alongside the arrests, and an “extensive amount of evidence” has been seized.
DD4BC caught the eye of European police following a move from extortion mainly in the gambling industry to companies within the financial and entertainment sectors. The group has targeted a number of high-profile corporations.
According to Akamai Technologies’ State of the Internet report, the group is responsible for a number of Bitcoin extortion campaigns and DDoS attacks. The company recorded an average peak bandwidth of 13.34Gbps during attacks, with the largest DDoS campaign peaking at 56.2Gbps.
It is not known how many members are within the group, but they are considered “highly sophisticated and aggressive” by Heimdal Security.
DD4BC’s normal method is to launch a DDoS attack against a target which may end up bringing down core business services, disrupting operations and causing severe financial losses for the target — especially if a server is overloaded and legitimate traffic cannot get through on Web domains.
This attack would last roughly an hour, after which the hacking group would send a blackmail email demanding 1 BTC. If the company failed to comply, DD4BC would threaten to increase the level of attack — and ransom required — or move on to another target.
The operation is ongoing.
Paul Nicholson, director of product marketing at cybersecurity firm A10 Networks, commented:
“Europol’s apprehension of the extortionists behind the DD4BC group signifies a high-profile win for law enforcement, but this isn’t the last we’ve heard of DDoS attacks for the purpose of ransom.
For organizations such as banks, financial institutions and even gambling websites, network downtime is equated with an immediate loss of revenue, which can lead them to give in to demands. Fortifying defenses must be these organizations’ top priority.”