Sophos Cloud OptixYesterday, I blogged about a new spam campaign that was referring to recent troubles with Amazon.com website. The assumption was that the scammers are spreading the word in order to convince enough people sell their AMZN stock and lower its price as a result. This would have let them buy stock at a lower price as part of the short-n-distort scheme.
It didn’t occur to me yesterday that the website outage could have been purposely orchestrated by an outsider. According to this article, a massive botnet-driven DDoS attack was a likely cause.
Now, this makes it really hard (for me anyway) to not try to connect the DDoS, the spam campaign and stock manipulation to the same group of individuals… If this suspicion is true, the following scenario could be applied to any large well-known (and publicly traded) company:
- Sell a large number of borrowed stock at a certain price
- Launch an attack on company’s reputation (a DDoS attack on infrastructure; destructive malware; data leakage; …)
- Spam out the “news” in order to lower the stock price
- Buy stock back at a lower price
- Profit