cbeast (OP)
Donator
Legendary
Offline
Activity: 1736
Merit: 1014
Let's talk governance, lipstick, and pigs.
|
|
September 16, 2012, 05:36:26 AM |
|
http://bitcoinmagazine.net/walletbit-under-ddos-1000btc-demanded/DDOS extortion for a Bitcoin ransom could be the next big crime wave. I am sure that DDOS attacks are illegal to begin with, they take on a new dimension with extortion for a significant amount of money. Depending on whether or not Bitcoin is considered money, this could mean that law-enforcement agencies may be looking at a new threat vector with cyber-crime. No longer are DDOS attacks done out of politically driven protest, they are now in the business of racketeering.
|
Any significantly advanced cryptocurrency is indistinguishable from Ponzi Tulips.
|
|
|
cbeast (OP)
Donator
Legendary
Offline
Activity: 1736
Merit: 1014
Let's talk governance, lipstick, and pigs.
|
|
September 16, 2012, 05:49:31 AM |
|
Perhaps this is where vigilantism will respond. I wonder what some individual might do to a known DDOS attacker for 1K BTC if it was anonymously offered? This will be interesting to see how it unfolds.
|
Any significantly advanced cryptocurrency is indistinguishable from Ponzi Tulips.
|
|
|
FreeMoney
Legendary
Offline
Activity: 1246
Merit: 1016
Strength in numbers
|
|
September 16, 2012, 06:08:01 AM |
|
It doesn't seem like it would work.
You pay and they continue... then what?
If the DDoSer linked themselves to a psudo-identity they could build a rep for not doing that.
But it's still ridiculously unstable because once you pay you are a better target. Oh, n/m about the psudo-identity, they can just pretend to be someone new DDoSing you.
Odd to me that they would try for such a high amount in this case. Without knowing much about WalletBit it makes me wonder if the ransom is just weak cover for someone doing it out of spite.
|
Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
|
|
|
cbeast (OP)
Donator
Legendary
Offline
Activity: 1736
Merit: 1014
Let's talk governance, lipstick, and pigs.
|
|
September 16, 2012, 06:16:23 AM |
|
Why pay the ransom at all? Why not offer an anonymous bounty to have someone pay a friendly visit to the attacker's home? That would make the attacks stop permanently. I'm not saying that they should, but the attacker needs to think about the repercussions of their actions.
|
Any significantly advanced cryptocurrency is indistinguishable from Ponzi Tulips.
|
|
|
thebaron
|
|
September 16, 2012, 06:18:51 AM |
|
Again, even if they pay, in a high profile case like this it's going to be hard to find places to spend those Bitcoins because of their traceability.
|
|
|
|
Bitcoin Oz
|
|
September 16, 2012, 06:31:11 AM |
|
They should offer a 200btc reward on the attackers heads
|
|
|
|
jgarzik
Legendary
Offline
Activity: 1596
Merit: 1100
|
|
September 16, 2012, 08:52:18 AM Last edit: September 16, 2012, 04:57:33 PM by jgarzik |
|
This is sadly already common in the poker world, HYIP forums, etc. It was only a matter of time I think somebody has already tried DDoS+ransom on MtGox, a while ago, IIUC.
|
Jeff Garzik, Bloq CEO, former bitcoin core dev team; opinions are my own. Visit bloq.com / metronome.io Donations / tip jar: 1BrufViLKnSWtuWGkryPsKsxonV2NQ7Tcj
|
|
|
Ascholten
|
|
September 16, 2012, 11:56:38 AM |
|
If I am going to DDos you I am not going to do it from my own house. The attack is also going to come from many sources too, hence the second D in DDOS.
With as many stupid people out there with unsecured systems, it's way too easy to set up an army of zombies to do ones bidding, it would be very hard at very best to track an individual like this down unless they were stupid enough to brag about doing the attack.
Aaron
|
|
|
|
Ichthyo
|
|
September 16, 2012, 02:11:20 PM |
|
It doesn't seem like it would work.
You pay and they continue... then what?
indeed, thats what I'd expect to happen. Then, after some time, the victim happens to encounter a friendly and helpful person with lots of connections into "the scene", which points out (s)he can figure out who is behind those attacks and maybe help the victim stopping them discretely for a way smaller "fee".... Maybe it goes on even more subtle, along the lines that the victim just ends up doing "business" with the "angle", you know, that kind of business which is more profitable for the "angle" and more risky for the victim. Surprisingly, since the victim engaged into that business, those attacks will cease.... And the fun fact is: suddenly all those state-haters and freedom lovers start yelling for law enforcement
|
|
|
|
CJGoodings
|
|
September 16, 2012, 02:12:53 PM |
|
This is nothing new, pool operators receive these type of threats all the time. Nobody pays, and the ddos waves hit the shore.
|
|
|
|
hxtop
|
|
September 16, 2012, 03:19:32 PM |
|
May be speculation, because of recent hacker attacks too much, and too regularly, you feel it
|
|
|
|
cbeast (OP)
Donator
Legendary
Offline
Activity: 1736
Merit: 1014
Let's talk governance, lipstick, and pigs.
|
|
September 16, 2012, 03:25:03 PM |
|
I actually think that DDOS attacks on Bitcoin financial and mining sites will continously escalate as Bitcoin itself grows. I suggest that countermeasures be developed (for law enforcement use, of course) to track down attackers. Also, Bitcoin sites will need to develop new hardening and stealth (decentralization) technologies to defend against attack.
|
Any significantly advanced cryptocurrency is indistinguishable from Ponzi Tulips.
|
|
|
finkleshnorts
|
|
September 16, 2012, 03:53:37 PM |
|
Again, even if they pay, in a high profile case like this it's going to be hard to find places to spend those Bitcoins because of their traceability.
I'd take them.
|
|
|
|
cbeast (OP)
Donator
Legendary
Offline
Activity: 1736
Merit: 1014
Let's talk governance, lipstick, and pigs.
|
|
September 16, 2012, 03:56:21 PM |
|
Again, even if they pay, in a high profile case like this it's going to be hard to find places to spend those Bitcoins because of their traceability.
I'd take them. In America, they don't have Internet access in prison.
|
Any significantly advanced cryptocurrency is indistinguishable from Ponzi Tulips.
|
|
|
scintill
|
|
September 16, 2012, 05:19:53 PM |
|
Again, even if they pay, in a high profile case like this it's going to be hard to find places to spend those Bitcoins because of their traceability.
I'd take them. In America, they don't have Internet access in prison. Anyone got mnemonics/short hand or something that would allow a person to create and sign transactions in prison? Then send them out to someone you can trust enough to broadcast to network (but perhaps not enough to keep your private keys.)
|
1SCiN5kqkAbxxwesKMsH9GvyWnWP5YK2W | donations
|
|
|
thebaron
|
|
September 16, 2012, 05:48:51 PM |
|
Anyone got mnemonics/short hand or something that would allow a person to create and sign transactions in prison? Then send them out to someone you can trust enough to broadcast to network (but perhaps not enough to keep your private keys.)
Tattoo's.
|
|
|
|
stochastic
|
|
September 16, 2012, 05:54:10 PM |
|
http://bitcoinmagazine.net/walletbit-under-ddos-1000btc-demanded/DDOS extortion for a Bitcoin ransom could be the next big crime wave. I am sure that DDOS attacks are illegal to begin with, they take on a new dimension with extortion for a significant amount of money. Depending on whether or not Bitcoin is considered money, this could mean that law-enforcement agencies may be looking at a new threat vector with cyber-crime. No longer are DDOS attacks done out of politically driven protest, they are now in the business of racketeering. I remember reading an article on online casinos that have this problem. The criminals did not ask for bitcoins, just USD by wire transfer like through western union. Could not find the original article, but here is another one: http://www.blackjackchamp.com/casino-news/15733-online-gambling-sites-face-extortion/
|
Introducing constraints to the economy only serves to limit what can be economical.
|
|
|
Draino
|
|
September 16, 2012, 06:24:12 PM |
|
i don't understand the logic here very well
i think principle would tip the edge for taking a beating, rather than handing over money, since income is being crippled either way
|
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
September 16, 2012, 06:28:22 PM |
|
http://bitcoinmagazine.net/walletbit-under-ddos-1000btc-demanded/DDOS extortion for a Bitcoin ransom could be the next big crime wave. I am sure that DDOS attacks are illegal to begin with, they take on a new dimension with extortion for a significant amount of money. Depending on whether or not Bitcoin is considered money, this could mean that law-enforcement agencies may be looking at a new threat vector with cyber-crime. No longer are DDOS attacks done out of politically driven protest, they are now in the business of racketeering. If nothing else, over time, this will encourage those developing infrastructure and network protocols to evolve the internet to have abilities to rapidly mitigate them.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
sadpandatech
|
|
September 16, 2012, 06:35:33 PM |
|
i don't understand the logic here very well
i think principle would tip the edge for taking a beating, rather than handing over money, since income is being crippled either way
It's a pointless game that has been played out many times against bitcoin services and is not new for the rest of internet exposed businesses. As you say it is much better to jsut ignore them and tighten up your anti ddos measures. Not to mention the longer they maintain a ddos the more likely they are to get caught. Its only a matter of time before their c&c is given up by one of the zombies and they are found or shut down from there.
|
If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
|
|
|
|