author photo
By Clare O’Gara
Tue | Apr 28, 2020 | 6:15 AM PDT

Whisky fans, we have some bad news.

After what it's calling a "technologically sophisticated, sustained and malicious attack," has opted to postpone one of the world's most anticipated whisky auctions—an auction worth millions.

What kind of cyber attack stopped rare whisky auction?

This is a classic example of a DDoS (distributed denial of service) cyber attack. This type of attack floods a website server with massive amounts of bogus data so that legitimate traffic gets shut out.

While Whisky Auctioneer was gearing up for the second phase of what it calls The Perfect Collection auction, cybercriminals apparently made plans, too.

And those plans shut down the website and, inevitably, the online auction of thousands of bottles of rare whisky.

At first, the company was promoting the auction on Twitter:


But part way through the bidding window, it tweeted out a delay due to "technical issues."


The company's investigation revealed a DDoS attack against the site.

And according to Forbes, the timing for this DDoS attack makes sense. The Perfect Collection would have marked a major event in the whisky world:

"Just last year, a single bottle of Macallan 1926 sold at Sotheby's for almost $US2 million, breaking the world record of most expensive whisky bottle ever sold at auction. One of these bottles was included in The Perfect Collection: Part Two, and would be the first to sell since the Sotheby's record.

With the entire industry watching to see if the record would be broken once more or whether the bottle price would plummet, this was, potentially, the best time for this cyber attack to come."

Cybercriminals love to make money but many also seek prominence from headline grabbing opportunities like this one.

That's also one of the reasons COVID-19 themed cyberattacks are so popular.

Myla Pilao, Director for Technology Marketing at Trend Micro, explains it to SecureWorld like this:

"What I call their interest is really called riding the wave, which means that for them, when they seize this opportunity, they will get maximum exposure with what I call minimal to little effort."

Listen to our complete podcast interview with her about COVID-19 cyber threats:

DDoS cybercrime-as-a-service

DDoS attacks like the one on Whisky Auctioneer have evolved. DDoS-for-hire services are now posing a significant threat to any organization that could lose money if its website or network becomes unreachable.

Take the case of Sergiy Usatyuk. He operated a service for DDoS attacks that flooded the web and private servers with massive amounts of data, causing network downtime for many organizations. And he made over $550,000 during the scheme.

SecureWorld covered the story in November:

For more than two years, Usatyuk "victimized various segments of American society," says Assistant Attorney General Brian A. Benczkowski. "Usatyuk combined with a co-conspirator to develop, control and operate a number of booter services and booter-related websites that launched millions of DDoS attacks that disrupted the internet connections of targeted victim computers, rendered targeted websites slow or inaccessible, and interrupted normal business operations."

And in this case, the DDoS attack against Whisky Auctioneer continued for days, with nothing on its website except the following notice about the attack.


Tags: DDoS Attack,