[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Ransom DDoS attack - need help!
- Subject: Ransom DDoS attack - need help!
- From: cbaker at dyn.com (Chris Baker)
- Date: Thu, 3 Dec 2015 09:59:57 -0500
- In-reply-to: <CAC6=tfai5ppt3H78vqqP5q1nEYF7BzASOo8LthML8CC-jM96LA@mail.gmail.com>
- References: <CAA3uY602BOVHFLFK0dhp1irvKdfRDb9A1HJLEM3_hrt+FkCtYw@mail.gmail.com> <CAC6=tfai5ppt3H78vqqP5q1nEYF7BzASOo8LthML8CC-jM96LA@mail.gmail.com>
Can you provide some additional details? Is it someone claiming association
with a known group like DD4BC or the Armada Collective or unbranded?
Cheers,
CBaker
On Thu, Dec 3, 2015 at 9:54 AM, Josh Reynolds <josh at kyneticwifi.com> wrote:
> Sounds like lizardSquad may be at it again
> On Dec 3, 2015 8:53 AM, "halp us" <throwaway1958251 at gmail.com> wrote:
>
> > All,
> >
> > I've been a NANOG member for many years but I'm emailing from an
> anonymous
> > account to reduce the chance of the attackers finding me.
> >
> > A company that shall remain anonymous has received a ransom DDoS note
> from
> > a very well known group that has been in the news lately. Recently
> they've
> > threatened to carry out a major DDoS attack if they are not paid by a
> > deadline which is approaching. They've performed an attack of a smaller
> > magnitude to prove that they're serious.
> >
> > Based on certain details that I can't reveal here, we believe the
> magnitude
> > of the upcoming attack may be in the several hundred Gbps.
> >
> > I would really appreciate help in a few areas (primarily with certain
> > provider contacts/intros) so we can execute our strategy (which I can't
> > reveal here for obvious reasons). If you email me off-list with a
> > name/email that you've previously used on-list, I will reply from my real
> > email.
> >
> > Alternatively, if you can post your experiences on-list with large scale
> > high profile ransom DDoS attacks, I'd really appreciate it!
> >
> > Thanks
> >
>