A new group impersonating the Fancy Bear threat actor group has been targeting victims across the world in copycat attacks, pretending to be the Russian state-backed hackers. The security firm Radware published recent extortion notes sent by the group to companies across the world, demanding bitcoin in exchange for safety. The digital extortion attacks request money and threaten to launch DDoS attacks against the victim if demands are not met.
The digital extortion style of attack has resurfaced several times over the last decade, leveraging public anxieties over the rising risk of ransomware attacks in order to make some money off of global organizations. The attackers try to convince the victim to pay the demands before actually executing an attack, conducting attacks in the opposite order of a ransomware attack. According to Radware, the attacks seemingly don’t target certain regions, however, cybercriminals tend to pose as Lazarus Group when extorting money from financial organizations and Fancy Bear when targeting the manufacturing industry.
Read More: Fancy Bear Imposters Are on a Hacking Extortion Spree