Hacking Group Is Charging German Companies $275 For 'DDoS Tests'

An anonymous reader writes: "A group calling itself XMR Squad has spent all last week launching DDoS attacks against German businesses and then contacting the same companies to inform them they had to pay $275 for 'testing their DDoS protection systems,' reports Bleeping Computer. Attacks were reported against DHL, Hermes, AldiTalk, Freenet, Snipes.com, the State Bureau of Investigation Lower Saxony, and the website of the state of North Rhine-Westphalia. The attack against DHL Germany was particularly effective as it shut down the company's business customer portal and all APIs, prompting eBay Germany to issue an alert regarding possible issues with packages sent via DHL. While the group advertised on Twitter that their location was in Russia, a German reporter who spoke with the group via telephone said "the caller had a slight accent, but spoke perfect German." Following the attention they got in Germany after the attacks, the group had its website and Twitter account taken down. Many mocked the group for failing to extract any payments from their targets. DDoS extortionists have been particularly active in Germany, among any other countries. Previously, groups named Stealth Ravens and Kadyrovtsy have also extorted German companies, using the same tactics perfected by groups like DD4BC and Armada Collective.

sounds like the mob pay up if you don't want somet

[Joe_Dragon]

sounds like the mob pay up if you don't want something bad to happen.

Doing it wrong!

[Gravis+Zero]

What you should be doing is actually selling a DDoS protection service and then have an IoT botnet that attacks targets that don't use your service! Do these idiots know nothing of capitalism? ;)

Re:sounds like the mob pay up if you don't want so

[Frosty+Piss]

sounds like the mob pay up if you don't want something bad to happen.

At $275 a crack? Sounds like Skript Kiddies.

Re:sounds like the mob pay up if you don't want so

[Frosty+Piss]

If it works 1000 times, it sounds like three times my salary.

I'm sorry, maybe work on your LinkedIn profile...

However, what makes you think it will "work" 1000 times? It's a lame DDoS attack aimed at some very large companies. Did you read the article?

Following ridicule from fellow hackers, who made fun of the group for failing to understand how a DDoS extortion works, the group closed their Twitter account earlier today.

...and...

The attention they got wasn't the one they expected, as their hosting provider took down their website, located at xmr-squad.biz.

Lamers.

Re:Fighting from a Different Angle?

[ls671]

The Internet Backbone is just a set of tubes. Don't pray for what you are suggesting please.

whoosh ;-)

Re:Ok

[ls671]

We need to get rid of Bitcoin or any other virtual currencies if we don't then online hacks will continue.

We need to get rid of all currencies if we don't then online hacks will continue.

Isn't this like thowing brick at windows...

[squash_me_quickly]

and then trying to charge the business owners for service like "penetration testing", "quality assurance", or "theft prevention".

The "real world" version is ridiculous to 100% of the world, even the criminals.

Why is there any doubt about the illegality of the "on-line" version?

Re:Isn't this like thowing brick at windows...

[lastman71]

They basically scour the internet for websites in Germany which don't have an Impressum (i.e. a page with the name, address, various other details of the owner) and then track them down and send them a bill for letting them know they are violating the law.

"Thank you very much for your advise. Unfortunately, we are already contacted 10 minutes ago, for the same thing by someone else, so we are paying them instead of you ... "

And also I expect there is no legal obbligation for paying non requested service...

Remember the good old days?

[BarbaraHudson]

Remember the good old days when anyone could run a free ddos test just by getting slashdotted?