[nsp-sec] pay 100 btc(bitcoin) or will be subjected to DDoS attacks 100 Gbit/s
Tim Kleefass
kleefass at belwue.de
Tue Sep 6 10:52:12 EDT 2011
List,
We received some e-mails today claiming different webserver from us or
our customers "will be subjected to DDoS attacks 100 Gbit/s" if we do
not "pay 100 btc(bitcoin)" to different bitcoin accounts.
Normally we would ignore this, but it is getting more aggressive and a
customer found this forum (in german)
http://www.sellerforum.de/internet-sicherheit-f56/erpressungsversuch-mit-ddos-attacke-t21865.html
were people say that there were subject to an attack.
(These people have 1 or 6 posts, maybe not trustworthy at all... One
person says they could filter it with IP filters, they found "ru" in the
USER_AGENT, for me it seems like "a lot of" http requests and not
100Gbit/s...)
So, I am interested in feedback, if someone of you got also such e-mails
and was subject to a DDOS or another attack.
Some of these e-mails are attached, included in an e-mail from our
postmaster to yahoo, as all of these e-mails were sent from (one-time?)
yahoo e-mail accounts.
Thanks,
Tim
--
Tim Kleefass, Network Engineer
BelWü-Koordination, Universität Stuttgart
Industriestr. 28, 70565 Stuttgart
Loc.: N48° 43.4655 E9° 7.11037
NOC/IP: 01803/BELNET = 01803/235638
Tel. +49 711/685-65586 (Durchwahl)
Fax +49 711/678-8363
E-Mail: ip at belwue.de - http://www.belwue.de
There is no place like ::1
-------------- next part --------------
An embedded message was scrubbed...
From: "Juergen Georgi via RT" <abuse at belwue.de>
Subject: [BelWue #29721] DDOS threatening from yahoo.com senders
Date: Tue, 06 Sep 2011 11:27:58 +0200
Size: 14858
URL: <https://puck.nether.net/mailman/private/nsp-security/attachments/20110906/34f66db0/attachment-0001.eml>
More information about the nsp-security
mailing list