HelloKitty Adds DDoS to the Mix: What You Need to Know

May 2023

In January of 2021, the “HelloKitty” ransomware group first made a name for itself across the globe. During this time, the group began carrying out a number of ransomware attacks against video game developer CD Projekt Red, wreaking a great deal of havoc across the industry.

Unfortunately, it seems that HelloKitty threats are still here to stay a year later. Reports are even emerging that these attacks are now incorporating a double-extortion tactic in the form of DDoS.

More About HelloKitty Ransomware Threats

Throughout 2021, the HelloKitty ransomware group created many problems in the gaming industry, particularly for the video game developer CD Projekt Red. Specifically, the group breached the developer’s servers, stole source code for several video games, and encrypted many vital files.

During this time, the attacks were purely ransomware in nature. The game developer was forced to pay a hefty ransom in exchange for the decryption of their files and return of their gaming software code, as is common practice with ransomware attacks.

Recent DDoS Extortion

The HelloKitty ransomware group and other groups such as FiveHands ransomware are incorporating an added element into their ransomware attacks – distributed denial of service (DDoS). This was first reported in November of 2021 when HelloKitty ransomware targeted VMware’s ESXi virtual machine platform with a Linux DDoS attack.

Since then, more attackers seem to be engaging in this “double extortion” method by not only holding important files and data for ransom but completely crashing servers with these attacks as well.

How to Protect Yourself from DDoS Attacks

Sadly, it seems that this trend of double extortion attacks is not going away. There have been reports of triple and quadruple extortion attacks, including newer ransomware variants and phishing attacks.

More than ever, you may be wondering what you can do to protect yourself from falling victim to one of these attacks. For starters, you should continue using the same common-sense security best practices that you are already following. This includes strengthening your passwords and changing them regularly, never clicking on unfamiliar links or downloads, and never entering sensitive credentials over a public wireless network.

It also may be time to review your hosting platform. If you don’t already have a dedicated server with built-in protection against DDoS, you might consider making the switch. A DDoS-protected dedicated server will be able to withstand and weather DDoS attacks of varying sizes (depending on how much protection is included with your plan).

Switch to Dedicated Hosting Today

In addition to coming standard with DDoS protection, ReliableSite servers provide a wide range of security features that other hosting solutions simply do not. If you want to avoid falling victim to these kinds of double-extortion attacks, make the switch to a dedicated server today. Contact our team to get started!