Arrest in Europe DDoS Attack Group

Tuesday, January 12, 2016 @ 06:01 PM gHale

One person is under arrest and another detained after a joint effort from law enforcement officials in Europe led to an operation against the cybercriminal group DD4BC (Distributed Denial of Service — DDoS — for Bitcoin).

The sweep occurred December 15 and 16 and agencies from Austria, Bosnia and Herzegovina, Germany and the United Kingdom joined forces with Europol.

UK Man Busted for Data Breach
UK Teen Faces DDoS Charges
Hackers Breach FBI Information Portal
Boost in Printer Security

The DD4BC group is exploiting the increasing popularity of pseudonymous payment mechanisms and has been responsible for several Bitcoin extortion campaigns since mid-2014. DD4BC primarily targeted the online gambling industry, but now broadened their activity to the financial services and entertainment sector as well as other high-profile companies. Businesses that pay the ransom to the blackmailers risk appearing vulnerable and targeted again for a higher amount.

The action was a part of a global law enforcement response against the criminal organization. Key members of the organized network ended up discovered in Bosnia and Herzegovina by the UK Metropolitan Police Cyber Crime Unit (MPCCU) which provided information to the investigation.

Operation Pleiades resulted in the arrest of a main target and one more suspect detained. Officials conducted multiple property searches and an extensive amount of evidence ended up seized.

The operational activity, initiated by Austria, gained support from Europol’s European Cybercrime Centre (EC3) and the Joint Cybercrime Action Taskforce (J-CAT). Operational meetings were in The Hague to discuss and plan coordinated law enforcement actions against DD4BC.

Europol deployed a mobile office, allowing direct access to Europol’s forensic tools and its databases for cross-checking, analyzing and exchanging intelligence in real time.

Distributed Denial of Service (DDoS) attacks remain a threat in Europe. This type of extortion attack has become a well-established criminal enterprise and has affected thousands of victims globally, with the number of unreported incidents believed to be much higher. The absence of reporting by private companies and individuals poses particular difficulties in law enforcement’s efforts to prosecute these cyber threats.

“Law enforcement and its partners have to act now to ensure that the cyberspace affecting nearly every part of our daily life is secure against new threats posed by malicious groups,” said Wil van Gemert, Europol’s Deputy Director Operations. “These groups employ aggressive measures to silence the victims with the threat of public exposure and reputation damage. Without enhanced reporting mechanisms law enforcement is missing vital means to protect companies and users from recurring cyber-attacks. Police actions such as Operation Pleiades highlight the importance of incident reporting and information sharing between law enforcement agencies and the targets of DDoS and extortion attacks.”