Denial-of-service extortion attacks are going away because hackers can find easier ways to steal money without getting caught, Symantec researchers said. I’m always reluctant to believe arguments that some type of IT attack is dead. Remember those e-mails from two years ago about “spam is dead,” or a year ago bout “no more worms?”However, Symantec Security Response Engineer Yazan Gable posted a new blog on the company’s Web site that offers some very intriguing conclusions about so-called denial-of-service extortion attacks and why they might be going away. The simple fact is that the DoS threats (pay us money or we’ll take down your network) are no longer as profitable as other alternatives, according to Gable, specifically because they put a big target on both the parties carrying out the attacks and their botnets, which could be used to carry out more profitable, and stealthy, schemes. Putting yourself and your botnet at direct risk by specifically targeting some organization who will likely hire someone to fight you or track you down just isn’t worth the effort, it would seem, when you could do something as crafty as bid up malware-laden ads on Google to distribute spyware, for instance, while keeping a much lower profile.Gable writes:“The thing is that DoS attacks are loud and risky. Whenever a bot-network owner carries out a denial-of-service attack they run the risk of losing some of their bots. This could happen either because an attacking computer is identified and disinfected, or if it is simply blocked by its ISP from accessing the network. Furthermore, if the bot-network owner isn’t careful they could lose their entire bot network if their command and control server is identified. Since a DoS extortionist has to carry out at least one successful DoS attack before they can even demand their pay, they run some serious overhead risks.”The DoS extortion model itself also commands a lot of foot work that other attacks don’t require — namely — following through on your threats if you don’t get paid. Gable said that nonpayment is one of the biggest issues for hackers, just like it is for legitimate billers.“For a DoS extortionist this is the worst scenario because they have to risk their bot network for nothing at all. Since the target has refused to pay, it is likely that they will never pay. As a consequence, the attacker has to spend time and resources on a lost cause.” As a result, the researcher predicts that more hackers will move back to… Spam!Well, it’s a good thing spam is dead! Security