After successfully extorting a whopping $1 million from a South Korean web hosting company, hackers are obviously getting bolder in their attempts to bully Korean institutions into paying them large sums of money. In late June 2017, a Korean news agency informed that hackers claiming to be the Armada Collective targeted a number of Korean banks and threatened distributed denial of service (DDoS) attacks against their infrastructure if payment was not made.
The deadline for the payment – a hefty $315,000 in Bitcoin – came and went and the websites of the affected banks never experienced any obvious issues. However, with no official disclosure on the subject, it’s impossible to tell whether the banks gave in and paid the hackers or managed to shrug off the threat and implemented extra security measures.
This is not the first time South Korean banks became the target of bold hackers. Back in 2016 an attack reportedly organized by Anonymous hit the website of the South Korean central bank. A few years earlier, a large number of banking and broadcasting institutions in South Korea was slammed by another cyber attack, allegedly mounted by North Korean Hackers.
Whether it was really the Armada Collective who were behind the threats is also impossible to tell with complete certainty. The name can easily be used by any outfit of cyber bravos who want to cash in on the infamy of Armada. In early 2016, CloudFlare reported that the Collective managed to extort money from a number of different businesses, once again sending empty DDoS threats through email.
The fact that the threats are sent through anonymous email allows anyone to pose as any chosen hacker crew that has made a name for itself. In fact, it is believed that past cyber attacks against South Korean business networks may have been carried out by North Korean hackers who were posing as known cybercrime outfits.