Oh… there goes Route 53 while Fancy Bear awakes from their hibernation.
Exactly three years after the attack on Dyn–one of the largest attacks in DDoS history–AWS was severely impacted by a DDoS attack on its S3 and Route 53 DNS infrastructure causing outages across the globe.
Meanwhile, a group posing as Fancy Bear is spreading Ransom Denial of Service (RDoS) letters in the finance vertical and following through on their threats. The DDoS attacks already affected South African ISPs, leaving subscribers in Cape Town and Johannesburg with intermittent connectivity issues.
Unrelated to the DDoS campaigns (we assume), the City of Johannesburg fell victim to a cyber attack, which led to its information systems being compromised. The city’s employees received a ransom note from a group called ‘Shadow Kill Hackers’ demanding 4 bitcoin (about $40,000 USD at today’s rate) and claiming control of all of the city’s servers and data, having compromised all passwords and sensitive data. As a precautionary measure, customer-facing systems, including the city’s website, e-services and billing systems, were shut down during the investigation.
Global RDoS Campaign Targeting Financial Sector
Last week, our threat research and Emergency Response Team started receiving notices from customers about RDoS letters from a group posing as ‘Fancy Bear’ demanding 2 bitcoin ($20,000 USD). If demands were not met, the group followed through with actual multi-vector flood attacks leveraging different amplificatio ..
Support the originator by clicking the read the rest link below.
