Ransomware actors target VoIP service with another wave of DDoS attacks

Ransomware operators are increasingly adding DDoS attacks to their repertoire of extortion mechanisms

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A series of sustained Distributed Denial of Service (DDoS) reportedly knocked UK Voice over Internet Protocol (VoIP) provider VoIP Unlimited offline, weeks after it was targeted in a REvil-orchestratedransomwarecampaign.

According toThe Register, last week’s downtime was the result of “an alarmingly large and sophisticated DDoS attack attached to a colossal ransom demand” which VoIP Unlimited has pinned to theREvil ransomware gang.

The attack is also blamed fordisrupting the operationsof other UK VoIP providers at the same time as well.

We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.

Click here to start the survey in a new window«

As of 11 December however, VoIP Unlimited has restored a majority of its services, while a couple continue toreport“Degraded Performance.”

From ransomware to DDoS

The Registernotes that while REvil is notorious for its ransomware operations, it seems to have joined the list of ransomware operatives who have begun switching to conducting extortion-based DDoS campaigns.

In fact, it appears before attacking VoIP Unlimited, the gang honed their skills by going aftera Canadian firmin mid-September, and demanding one bitcoin (around $45,000 at the time) to cease the attacks.

Commenting on the change in tactics of ransomware operators,cybersecurityanalysts atTrendMicroobserved that multilevel extortion schemes were beginning to emerge as the latest trend in the ransomware underworld.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

“Triple extortion follows a straightforward formula: adding DDoS attacks to the aforementioned encryption and data exposure threats. These attacks could overwhelm a server or a network with traffic, which in turn could halt and further disrupt operations,”observed TrendMicro.

The new modus operandi was first performed by SunCrypt and RagnarLocker operators in the latter half of 2020, adding that the REvil operators were also looking to adopt this new ransomware strategy.

The emergence of ransomware DDoS (RDDoS) attacks was alsorecently highlightedin a report by US telecoms company Lumen Technologies, as it urged businesses to prepare for this incoming onslaught.

ViaThe Register

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

Another reason to avoid edge-lit 4K TVs: they may fail faster than others, according to this report