Hacker Says He Attempted to Extort UK Bank Lloyds With DDoS

Several outlets reported that a DDoS was responsible for outages of Lloyds' online banking platform earlier this month.

|
Jan 23 2017, 5:15pm

Image: Tomasz Bidermann/Shutterstock

A hacker has claimed responsibility for a reported distributed-denial-of-service (DDoS) attack against UK bank Lloyds, and says he attempted to extort the financial giant, too.

Through 11-13 January, Lloyds Banking Group Plc customers could not access online banking services. On Monday, Bloomberg reported that the outage was due to a DDoS attack, citing an anonymous source with knowledge of the matter.

At the time of the attack itself, a hacker contacted Motherboard, claiming that they were behind the disruption and extortion attempts.

"We didn't ask for that much really," the hacker said. "They should value their customers a little more thank [sic] that."

According to an alleged January 11 email sent by the hacker to Lloyds, and shared with Motherboard, he had demanded a rather extraordinary "consultancy fee" of £75,000 ($93,600) from Lloyds to be paid in bitcoin.

Part of the alleged extortion email sent to Lloyds (redacted by Motherboard).

"Once paid, the services will be back online, you will get a list of flaws related to both services, along with our disappearance," the email reads. It appears the hacker was unsuccessful in prying any cash out of Lloyds however: the bitcoin address included in the email has received no funds.

Motherboard attempted to contact the Lloyds employee that the extortion email was addressed to. Although it successfully delivered, Motherboard did not receive a response. Lloyds did not immediately respond to a request for comment.

During the 13 January conversation, the hacker told Motherboard that he would provide evidence he was behind the attacks in an hour's time. Just over an hour later, Lloyds' online banking portal was not responding, according to timestamped logs.

According to The Financial Times, the attacks originated from overseas. The attacks appear to have only been effective until January 13; at the time of writing, Lloyds' online banking service is operational.

"We had a normal service in place for the vast majority of this period and only a small number of customers experienced problems," Lloyds said in a statement to Bloomberg. "We will not speculate on the cause of these intermittent issues."