Threat actors are launching a DDoS attack against VoIP.ms, a voice-over-Internet service provider, and threatening to extort money if it doesn’t stop.
VoIP.ms is an Internet phone service provider that offers low-cost voice-over-IP services to companies all over the world.
VoIP.ms Phone services disrupted
A distributed denial-of-service attack on VoIP.ms’ infrastructure, including DNS name servers, was launched on September 16th, 2021, and the company was forced to shut down its services.
The DDoS attack affected telephony services, stopping clients from receiving or making phone calls as they set up their VoIP equipment to connect to the company’s domain name.
Customer’s were urged to adjust their HOSTS file so that the domain was pointed to their IP address instead of DNS, as DNS was no longer working.
However, this only served to encourage the cybercriminals to launch DDoS assaults on that IP address in the future.
VoIP.ms relocated their DNS and website servers to Cloudflare to combat the attacks, however, the company’s website and VoIP infrastructure are still experiencing problems owing to the ongoing denial-of-service attack.
“In the meantime, our Websites and POP servers are still under attack from a DDoS attack. Our team is working round-the-clock to stop it, but the service is still being interrupted. We sincerely regret any difficulty this has caused you “According to a notice published on the VoIP.ms website,
As of the time of this writing, the site is intermittently unavailable and returning a 500 Internal Server Error message.
Someone going by the handle ‘REvil’ claimed responsibility for the attack on September 18th and released a link to a Pastebin ransom letter.
Pastebin has already removed the ransom note, but according to BleepingComputer, it demanded one bitcoin, or around $45,000, to cease the DDoS attacks.
Following its disappearance on July 13th, the notorious ransomware operation known as REvil has just resumed assaulting its victims.
Unlike the VoIP.ms attack, REvil is not known to use DDoS attacks or openly demand ransom payments. The extortion tactic used in this attack leads us to think that the threat actors are merely imitating the ransomware operation in order to terrify VoIP.ms even further.
The extortionists quickly increased their extortion demand from 10 bitcoins to 100 bitcoins, or almost $4.3 million.