The National Office for Cyber and Information Security (NÚKIB) issued a warning to the public and private sectors of a surge in DDoS cyberattacks. According to the office, the attacker pretends to be a cybercriminal group called Fancy Lazarus, which, under the threat of a strong DDoS attack, demands payment of a ransom in bitcoins. The office also warned against the extortion campaign in the second half of May.
The office stated that in this wave of the campaign, after non-payment of the ransom within the given deadline, the attack will begin and the required amount will gradually increase every other day. “The attacker communicates via e-mail – most often from mailboxes from the protonmail.com domain. The e-mails are targeted at the top representatives of the institution and contain instructions for paying the ransom,” the office said.
In the case of receiving a similar extortion e-mail, the Office recommends not to pay the ransom and to contact the police or the operator of the national CERT, which is the security team for coordinating the resolution of security incidents in computer networks, and possibly NÚKIB.
In the second half of May, NÚKIB warned against the extortion software Avaddon, this campaign is aimed at Czech companies and organizations across sectors. Attackers in the infected system encrypt the files and publish some of the data on the so-called dark web to motivate the blackmailer to pay for decrypting and not publishing the rest of the data. The dark web or dark web is a part of the internet that cannot be accessed by internet search engines.