Bleeping Computer journalists say that MalwareHunterTeam specialists shared with them an interesting observation: ransomware operators adopted new tactics and started DDoS attacks.So, if the victim company refuses to negotiate and pay the ransom, the attackers arrange a DDoS attack on its website and continue until the company returns to the negotiations. A distributed denial of service (DDoS) attack is when a threat actor floods a website or a network with a large number of requests to make a service inaccessible.
The Bleeping Computer magazine became aware of at least one such case: negotiations reached an impasse, after which the operators of the SunCrypt ransomware staged a DDoS attack on the website of an unnamed company.
When representatives of the victim company visited the hackers’ site on the darknet, through which it was necessary to pay the ransom, there they found a message that the DDoS attack would continue until negotiations resumed.
When company representatives asked the hackers why they attacked its website, the ransomware operators replied that it was necessary to resume negotiations.
When communication between the attackers and the victims was re-established, the DDoS attack was indeed terminated. According to MalwareHunterTeam, this tactic ultimately forced the company to pay the hackers a ransom.
Considering that currently ransomware operators do not just encrypt company data, but preliminarily steal information, and now frequently use DDoS, small and medium-sized businesses may really have no choice.
In general, big business suffers quite noticeably: recently, the operators of the Maze ransomware published more than 70 GB of data stolen from LG and Xerox and then began to publish data from Canon. But the vendors did not clearly pay the ransom – the structure of a large company, after all, is more resistant to DDOS attacks.
User Review( votes)