Pay or we’ll knock your site offline—DDoS-for-ransom attacks surge
A number of sites have been hit by distributed denial-of-service attacks over the past week. Strong enough to knock some of them offline for days at a time, these DDoS attacks have been launched by extortionists demanding thousands of dollars in ransom money.
One of the latest sites to be targeted is FastMail. In a blog post published Wednesday, the Australian e-mail provider said it was hit by a wave of data assaults on Sunday that were soon followed by e-mails demanding a payment of 20 Bitcoins, worth about $6,600 at current exchange rates. Other services reporting similar shakedowns include Hushmail, Runbox, and VFEMail. As Ars reported last week, ProtonMail paid a $6,000 ransom only to be taken out by a new round of attacks. Zoho also reported a week-long struggle to beat back DDoS attackers but made no mention of receiving a ransom demand.
“The attackers have demanded a ransom, which we will not pay, and have promised an increase in the intensity of the attacks,” Hushmail wrote in their advisory, which was published last Friday. “As such we expect that there will be continued attacks, which may result in further interruptions in service. We are continuing to improve our protection against these attacks, and have filed a criminal complaint with the relevant authorities.”