Canadian Telecom Firm Hit by DDoS Attack
Though attackers claim to be the same group behind the infamous ransomware gang REvil, analysts believe that the same group did not carry out the recent distributed denial of service (DDoS) attack on an internet phone services firm situated in Quebec, according to Insurance Business Canada.
In a statement posted on its website earlier this week, VoIP.ms Communications reported that it was the victim of a distributed denial of service (DDoS) attack on Thursday, and that it has been dealing with the incident since. A DDoS assault affected VoIP.ms' clients' telephonic services by targeting the company's DNS, which blocked their access to VoIP.ms' services.
VoIP.ms recommended that clients modify their HOSTS file to specify their IP address as the host name, allowing them to use VoIP. By preventing collateral damage, however, this only exposed the company's clients to direct DDoS attacks from the attackers.
A threat actor claimed responsibility for the cyberattack on VoIP.ms on September 18th, according to BleepingComputer. A threat actor named REvil published a link to a ransom note posted to Pastebin with the caption “WE'VE LEARNED OUR LESSON!” The ransom note was originally discovered on Pastebin and it stated that the DDoS attacks had to stop in order to avoid a payment of $45,000 in bitcoin.
The company ignored the warnings
VoIP.ms bears complete responsibility for the damage and stress to their customers and businesses as a result of their inaction and inadequate handling of the disruption. Also, the threat actor informed VoIP.ms that it had previously made an offer and also stated that it warned the company twice, and yet the company ignored both warnings.
After raising its extortion demand to 100 bitcoins, the threat actor re-tweeted about an hour and a half later to inform its followers that it had updated its extortion demand. BleepingComputer notes that REvil, the ransomware group, has not publicly demanded ransoms, nor is it known for conducting DDoS attacks.