DDoS attack with blackmail

• Previous message (by thread): DDoS attack with blackmail
• Next message (by thread): DDoS attack with blackmail
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, May 20, 2021 at 12:28 PM Baldur Norddahl
<baldur.norddahl at gmail.com> wrote:
> We got attacked by a group that calls themselves "Fancy Lazarus". They want payment in BC to not attack us again. The attack was a volume attack to our DNS and URL fetch from our webserver.
>
> I am interested in any experience in fighting back against these guys.

If you announce your addresses with BGP then your first two calls
should be to a DDOS mitigator and the FBI. You can reclaim your
routing from the DDOS mitigator after the group gives up but should
keep the relationship with the mitigator so you can more quickly
activate it next time.

If you don't do BGP, substitute your ISP for the DDOS mitigator and
hope they're among the clueful. Call the FBI either way.

There's nothing super fancy about a DDOS mitigator. They take over
your BGP, bringing packets to them first instead of to you. They have
big enough connections to sink whatever packets the attacker sends
their way. They filter this data and then allow just the legitimate
packets to make their way over a VPN back to you.

Regards,
Bill Herrin


-- 
William Herrin
bill at herrin.us
https://bill.herrin.us/

• Previous message (by thread): DDoS attack with blackmail
• Next message (by thread): DDoS attack with blackmail
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]