A series of sustained Distributed Denial of Service (DDoS) reportedly knocked UK Voice over Internet Protocol (VoIP) provider VoIP Unlimited offline, weeks after it was targeted in a REvil-orchestrated ransomware campaign.
According to The Register, last week’s downtime was the result of "an alarmingly large and sophisticated DDoS attack attached to a colossal ransom demand" which VoIP Unlimited has pinned to the REvil ransomware gang.
The attack is also blamed for disrupting the operations of other UK VoIP providers at the same time as well.
We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.
- Here’s our list of the best ransomware protection tools
- These are our options of the best DDoS protection services
- Check our list of the best malware removal software on the market
As of 11 December however, VoIP Unlimited has restored a majority of its services, while a couple continue to report “Degraded Performance.”
From ransomware to DDoS
The Register notes that while REvil is notorious for its ransomware operations, it seems to have joined the list of ransomware operatives who have begun switching to conducting extortion-based DDoS campaigns.
In fact, it appears before attacking VoIP Unlimited, the gang honed their skills by going after a Canadian firm in mid-September, and demanding one bitcoin (around $45,000 at the time) to cease the attacks.
Commenting on the change in tactics of ransomware operators, cybersecurity analysts at TrendMicro observed that multilevel extortion schemes were beginning to emerge as the latest trend in the ransomware underworld.
“Triple extortion follows a straightforward formula: adding DDoS attacks to the aforementioned encryption and data exposure threats. These attacks could overwhelm a server or a network with traffic, which in turn could halt and further disrupt operations,” observed TrendMicro.
The new modus operandi was first performed by SunCrypt and RagnarLocker operators in the latter half of 2020, adding that the REvil operators were also looking to adopt this new ransomware strategy.
The emergence of ransomware DDoS (RDDoS) attacks was also recently highlighted in a report by US telecoms company Lumen Technologies, as it urged businesses to prepare for this incoming onslaught.
- Here’s our roundup of the best cloud backup services
Via The Register