Lumen Black Lotus Labs™ issues blog detailing the results of research into the reemergence of Ransom DDoS attacks
Print Friendly, PDF & Email

DENVERJan. 21, 2021 /PRNewswire/ — Black Lotus Labs™, the threat intelligence arm of Lumen Technologies (NYSE: LUMN), today released a blog that details the team’s research into the recent increase in Ransom Distributed Denial of Service (DDoS) attacks.

Since the second half of 2020, Black Lotus Labs has observed a disturbing number of entities receiving emails containing the threat of a sustained DDoS attack unless a Bitcoin ransom was paid. The team has observed RDDoS activity before, dating as far back as 2016, but the recent campaigns have been greater in number and duration. In addition, today’s group of cybercriminals often perform a limited attack to prove their capability and malicious intent.

The case studies featured in the blog include RDDoS attacks from an unknown group claiming to be well-established entities including Fancy Bear, The Armada Collective, and Lazarus Group. The blog also dives into attacks from another group calling itself The Kadyrovtsy.

“The increase in RDDoS attacks in 2020 couldn’t have come at a worse time,” said Mike Benjamin, Lumen’s head of Black Lotus Labs. “With so many businesses relying on their internet connectivity during the pandemic, these attacks had an even greater impact on their victims’ operations.”

Benjamin went on to explain his team’s philosophy on paying ransoms. “We recommend never paying the ransom demand, as that only serves as fuel for this illicit business model, and there are no guarantees the criminals will actually stop the attack. The best defense is to utilize a DDoS mitigation service, along with deploying applications across a highly distributed infrastructure.”

For more details about RDDoS and to read these Black Lotus Labs case studies, read the latest blog from Black Lotus Labs.

This site is registered on as a development site. Switch to a production site key to remove this banner.