VoIP Unlimited hit by outage in wake of DDoS claims • The Register
A British VoIP company has stumbled back to its feet after being hit by a series of apparent DDoS attacks, a month after suffering a series of prolonged attacks that were carried out by the REvil ransomware gang.
In an update at 11:56 a.m. UK time, the company said it “continues to suffer from large-scale DDoS attacks. VoIP Unlimited engineers continue to mitigate the impact on services.”
VoIP Unlimited's services went down in September at the time of the initial attack, with managing director Mark Pilou saying at the time that he was “extremely sorry for the inconvenience.”
The interruption yesterday and this morning came after an “alarmingly large and complex DDoS attack involving a colossal ransom demand” which the company said was sent by the REvil ransomware gang, which has apparently also attacked other VoIP providers in the UK.
VoIP Unlimited declined to comment today. At the time of writing, some of its services had returned online.
A Reg reader who is a customer of the company told us last night that the problems “started around 3:30 p.m. [yesterday] as periodic connectivity – now increased to complete loss of service.”
Another told us that “Voip Exchange clients and data connectivity” were targeted, with “some services that appear to be affected by Wednesday.”
Although REvil is best known for spreading ransomware that infects the target organization’s network and encrypts its content, extortion-based DDoSes are a relatively new focus for the criminal gang. What appears to be the same criminal gang targeted a Canadian company in mid-September; it called itself REvil and demanded 1 bitcoin (at that time worth $45,000) to stop the attacks.
Infosec firm Cyjax believes a free decryptor for REvil’s leading ransomware was released in mid-September, providing a possible insight into why the gang added old-fashioned RDoSing to its criminal portfolio. Of course, it is not impossible that an enterprising group of cybercriminals is trading on REvil’s reputation for its own benefit.
Ransom denial-of-service (RDoS) attacks are gradually increasing worldwide. The attack form revolves around the availability of DDoSaaSes (DDoS-as-a-service offerings), known on a smaller scale as booters. Large-scale DDoSes tend to need large botnets, accessible only to larger players who do not feel the need to rent out their infrastructure to others who might notice and shut it down, or to those based in countries that don’t care, as long as the botnets aren’t aimed at targets within their borders.
Infosec analysts at Trend Micro said in a recent report that multi-level extortion schemes are becoming more common among ransomware operators. The company describes DDoS as a third layer, following a “clear formula: adding DDoS attacks to … encryption and data exposure threats.” It states that this “was first carried out by SunCrypt and RagnarLocker operators in the second half of 2020” and that REvil (also known as Sodinokibi) “also seeks to include DDoS attacks in its extortion strategy” in June this year. ®