From the sound of things the notorious DD4BC gang has suffered a major setback.
According to an announcement from Europol, an international law enforcement operation has hit the DDoS gang hard, arresting one suspected “main target” and detaining others.
DD4BC made a name for itself in the last 18 months or so, launching distributing denial-of-service attacks against businesses in an attempt to extort bitcoins. Typical early victims included gambling websites, but financial institutions have also been targeted by the group.
It goes without saying that you should never pay someone threatening you with a DDoS attack. Aside from the ethical issues, you might find that it’s no guarantee that you won’t just be attacked again.
Here is a YouTube video of a recent presentation by Roland Dobbins of Arbor Networks, examining the DDoS extortion campaigns run by DD4BC.
Law enforcement agencies in Austria, Bosnia and Herzegovina, Germany, and the UK joined forces with Europol to detain the suspects, search multiple properties and seize evidence last month.
The police action, dubbed “Operation Pleiades”, also saw police in Australia, France, Japan, Romania, the United States, and Switzerland co-ordinate in the investigation.
From the sound of things, this was a fine example of cross-border cooperation between law enforcement agencies – something that is becoming more and more critical in the fight against international computer crime gangs.
Will this be the end of DDoS extortion attacks?
No. For one thing, another DDoS extortion group – the Armada Collective – appears to have been filling DD4BC’s shoes in recent months.
But anything that turns up the heat on online extortionists has to be good for all of us.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.
One comment on “DD4BC DDoS extortion gang smashed by international cops”
Excellent news, Graham. I wrote a recent post about this, and one of the rock stars of the post is precisely Roland with his amazing talk about DD4BC. You can read the post here: https://www.linkedin.com/pulse/2016-year-3000-gbps-ddos-attack-tech2016-marcos-ortiz-valmaseda?trk=pulse_spock-articles Let me know what do you think about it.