KB Kookmin Bank, Shinhan Bank, Woori Bank, KEB Hana Bank, NH Bank and two other South Korean banks were reportedly threatened with DDoS attacks last week.
The Armada Collective hacking group has issued a ransom demand of approximately £245,700 to seven South Korean banks, threatening to launch distributed denial of service attacks against each of their organisations.
The threat came just days after fellow South Korean firm NAYANA negotiated a record £780,700 ransom payment on 14 June to remedy an unrelated ransomware attack that locked up its systems. The timing of this latest threat has reportedly prompted some observers to wonder if NAYANA's actions encouraged the Armada Collective to test the resolve of other South Korean companies.
Citing financial authorities, the Yonhap News Agency on 21 June named the threatened banks as KB Kookmin Bank, Shinhan Bank, Woori Bank, KEB Hana Bank, NH Bank and two other lenders. The banks were given a deadline of 26 June.
The Armada Collective has engaged in this behaviour before. For instance, in April 2016 Cloudfare published a report detailing an Armada Collective campaign that issued empty DDoS threats against a wide range of businesses extorting hundreds of thousands of pounds in the process.