A hacking group (Armada Collective) which was previously held responsible for launching DDoS attacks on ProtonMail is back and this time targeting Greek banks and using the old DDoS-for-Bitcoin extortion scheme.
In the ProtonMail case, the company paid ransom to the group but Greek banks contacted law enforcement authorities instead.
The attacks started on 26th November and continued for the remaining week in which three unnamed banks were targeted. The cyber criminals demanded a ransom of 20,000 Bitcoins which currently values $7,210,000, according to the Kathimereini Greek Newspaper.
The Managing director at Imperial Media (Yanni Koutsomitis) said the authorities in Greek contacted an FBI investigation specialist to help them in investigating the hacking group. However, FBI was caught telling victims of cyber attacks to pay ransom in such cases.
More details on the alleged Greek cyber robbery: https://t.co/NCKQL3v6YC /via @PapadoJohn
— Yannis Koutsomitis (@YanniKouts) November 30, 2015
Should victim pay a ransom?
FBI told victims to pay ransom if they are under cyber attacks. The NSA-proof ProtonMail also paid the cyber criminals, but, even after the payment the attacks kept on coming. So for any institution paying ransom is not the way out as it just allows criminal groups to get stronger and show other groups a new way to earn money.
However, in the case of Armada Collective, it seems the group is fearless and skillful for selecting and only targeting high-profile institutions and demanding ransom. The group was also involved in targeting ISPs in Switzerland and some services like Hishmail and Runbox in the past.