Bitcoin Extortion Group DD4BC Prompts Warning from Swiss Government

Distributed denial-of-service attacks against organizations in New Zealand appear to be connected to the extortionist group DD4BC.

AccessTimeIconMay 8, 2015 at 8:30 p.m. UTC
Updated Sep 14, 2021 at 2:01 p.m. UTC

Extortionist group DD4BC appears to be connected to a new wave of distributed denial of service (DDoS) attacks against organizations in Switzerland, New Zealand and Australia.

With the new attacks, the group is seeking 25 BTC from affected parties in exchange for relinquishing the flood of inbound data is issues that renders recipient websites inaccessible.

Most recently, DD4BC was named in an 8th May warning published by the Swiss Governmental Computer Emergency Response Team (GovCERT), a division of MELANI, a national agency focused on cybersecurity issues.

The warning read:

"In the past days MELANI / has received several requests regarding a distributed denial of service (DDoS) extortion campaign related to 'DD4BC'."

According to the New Zealand government, the extortion attempts appear to begin with a short DDoS attack to demonstrate the potential impact after the ransom demand has been issued.

DD4BC has been tied to past attacks on digital currency businesses and websites, including extortion attempts against a number of well-known mining pool operators.

Swiss incidents

GovCERT said that it had received reports from "several high profile targets", stating that a number of organizations had been affected as a result of the wave of DDoS attacks.

According to the agency, recent DD4BC activity has been rising, with the new attacks starting at the beginning of May.

The advisory explained:

"While these attacks have targeted foreign organisations in the past months, we have seen an increase of activity of DD4BC in Europe recently. Since earlier this week, the DD4BC Team expanded their operation to Switzerland."

The agency advised those impacted by the attacks not to pay the ransoms, and instead file a police report and contact their Internet service providers for additional mitigation support.

New Zealand connection

News of the New Zealand attacks surfaced earlier this week, when the New Zealand National Cyber Security Centre (NCSC) released a warning about DDoS attacks on local organizations.

The notice said that an investigation is underway, though the agency did not specify the operating name of those behind the attacks. National security advisor for the New Zealand government Daria Brankin declined to comment when reached.

Cybersecurity nonprofit New Zealand Internet Task Force chairman Barry Brailey, however, confirmed the connection between the group and the recent DDoS attacks in that country.

The group issued a notice about the DDoS threats on 7th May.

"Yes [the series of attacks] appears to be linked to the group/moniker 'DD4BC'," Brailey told CoinDesk.

History of attacks

A string of incidents involving DD4BC last year culminated with the creation of a 100 BTC bounty after the group targeted bitcoin exchange and wallet service Bitalo.

This amount swelled to 110 BTC following a contribution by AntPool operator Bitmain during the mining pool attacks.

Other companies impacted by the group in the past year include BitQuick, BitBay, Expresscoin and CoinTelegraph.

Image via Shutterstock


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

Learn more about Consensus 2024, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to to register and buy your pass now.

Read more about