Silence Hacking Crew threatens Australian banks with DDoS attacks

Pierluigi Paganini February 26, 2020

DDoS extortionists are blackmailing Australian banks, demanding large sums in Monero cryptocurrency and threatening DDoS attacks.

Cybercriminals are threatening Australian banks with DDoS attacks unless they pay large sums in Monero cryptocurrency.

The extortion campaign was observed over the past week. Attackers are sending emails to the banks, threatening to carry out distributed denial of service (DDoS) attacks if the financial organizations do not pay the ransom. The hacking group behind these threats claims to be the ‘Silence Hacking Crew’.

“The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of a number of Denial of Service (DoS) for ransom threats being made against Australian Organisations, primarily in the banking and finance sector,” reads the advisory published by the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC).

“The threats in question are delivered via email, and threaten the recipient with a sustained DoS attack unless a sum of the Monero cryptocurrency is paid. The actors behind these threats claim to be the ‘Silence Hacking Crew’, however the ACSC is unable to verify this claim.”

The threats are believed to be part of a global ransom denial of service campaign that began in October last year.

At the time of writing, experts haven’t observed DDoS attacks. The ACSC has received no reports of the threats eventuating in DoS, but it recommends that organizations prepare for any DoS attack before it occurs.

Experts pointed out that the hacker crew behind this long-running extortion campaign regularly changed its name.

Over the months, they have used names such as Fancy Bear and Cozy Bear (the well-known Russia-linked APT groups), Anonymous, and Carbanak.

Authorities recommend not paying any ransom. The ACSC suggests that organizations contact their service provider(s) about their ability to immediately implement any responsive actions, including:

  • Blocking the offending IP address(es).
  • Temporarily transferring online services to cloud-based hosting with high bandwidth and content delivery networks that cache non-dynamic websites.
  • Preferably using multiple major cloud service providers to obtain redundancy.
  • Engaging a DoS attack mitigation service for the duration of the incident.

Pierluigi Paganini

(SecurityAffairs – hacking, DDoS)
