Websites are being told that they have until September 30th to pay extortionists $720 worth of Bitcoin, or else suffer a distributed denial-of-service (DDoS) attack.
Thousands of companies around the world are thought to have received emails in the last few days claiming to come from “Phantom Squad” with the subject line “DDoS Warning”.
The emails reads as follows:
FORWARD THIS MAIL TO WHOEVER IS IMPORTANT IN YOUR COMPANY AND CAN MAKE DECISION!
We are Phantom Squad
Your network will be DDoS-ed starting Sept 30st 2017 if you don’t pay protection fee – 0.2 Bitcoin @ [removed].
If you don’t pay by Sept 30st 2017, attack will start, yours service going down permanently price to stop will increase to 20 BTC and will go up 10 BTC for every day of attack.
This is not a joke.
Review of this article
Never payThe most essential is never to pay. These attackers' economy is based on the few who pay the ransom, even if they hack other hardwares for their botnets they need to eat and so on. If they cannot earn their life that way they'll have to stop.
If you pay, they will go on threatening you because you are rentable for them. Your insurances will not necessarily cover you.
Ask professionalsIn this situation, we never know if it's a pure threat or if they have the means to effectively DDOS. In both case, ask professionals, such as DDOS mitigation services or servers and networks providers. They will act consequently, temporarily affecting more ressources to your infrastructure. They will use techniques as honeypots, scalability by temporarily caching your frontend pages in CDN. They will reinforce their detection at proxy levels to stop the bad traffic as soon as possible.
Many companies on the market can help you mitigate that risk legally. That way, your insurances will more easily cover up for you.