REvil gang hits UK ITSPs with series of extortion-based DDoS attacks – HackRead

Posted: September 10, 2021 at 6:02 am

Two Internet and Telephony Service Providers (ITSPs) in the United Kingdom, the South Coast-based VoIP Unlimited and London-based Voipfone, had their services disrupted for several days after suffering a series of massive DDoS attacks.

VoIP Unlimited claims that the attackers made a colossal ransom demand after the company sustained large-scale DDoS attacks. According to The Register, the UK Comms Council has confirmed that these attacks were carried out by the infamous REvil ransomware gang [aka Sodinokibi, a ransomware-as-a-service (RaaS)].

The Council further added that other UK Session Initiation Protocol providers were targets of the REvil gang, which indicates that the group has launched a well-planned DDoS attack campaign against UK-based VoIP companies. Currently, it isn't clear if other ITSP service providers are affected too.

It is worth noting that in July 2021, the REvil ransomware group vanished due to mounting US pressure after the Kaseya attack. The recent DDoS attacks suggest that the REvil gang has been targeting companies unannounced, since its official website, accessible through the Tor browser, is still down.

According to Voipfone's status page, the company's SMS services and inbound/outbound calls suffered outages as the company continued to receive new DDoS attacks until Sep 3, 12:09 BST.

In a status update on Saturday, Sep 4, 13:34 BST, the company explained that the first attack took place on Monday and continued until Tuesday. The company further added that its services had been restored yet remained at risk of additional DDoS attacks.

"Services are stable. Although, services remain at risk of further attacks. Our engineers continue to monitor closely across the weekend," the company said.

In a tweet on September 2nd, the company revealed that it was dealing with extortion-based DDoS attacks from overseas criminals.

We're sorry for the disruption to our services. We are dealing with an extortion-based DDoS attack from overseas criminals. We are taking measures to overcome these attacks but we are obviously very limited in the information we can make public. Please bear with us.

Voipfone (@Voipfone) September 2, 2021

According to VoIP Unlimited's MD, Mark Pillow, the attacks started on August 31, at around 2 p.m. BST. The threat actors launched an alarmingly large and sophisticated DDoS attack attached to a colossal ransom demand. As a result, some of the company's networks experienced a partial or complete loss of internet connectivity services.

However, those using its Ethernet and Broadband services remained unaffected. The company stated in an email that biz broadband services were live again after it resolved the problem yesterday, but it suspects the attackers could make a comeback anytime soon.

At the time of publishing this article, VoIP Unlimited's status page showed its services had been restored.

According to The Register's report, both attacks seem to be the work of the same group, as they occurred over the Bank Holiday weekend, during which the companies' networks were flooded with bogus traffic from thousands of compromised devices.

For those unaware of REvil's activities, the group is known for targeting high-profile businesses and organizations. The same group was also behind breaches of the following companies:

1. Acer

2. Kaseya

3. Quanta

4. MasMovil

5. Sol Oriens

6. State Bank of Chile
