Ransomware operators are now also engaged in DDoS attacks

Ransomware operators DDoS attacks
Written by Emma Davis

Bleeping Computer journalists say that MalwareHunterTeam specialists shared with them an interesting observation: ransomware operators adopted new tactics and started DDoS attacks.

So, if the victim company refuses to negotiate and pay the ransom, the attackers arrange a DDoS attack on its website and continue until the company returns to the negotiations. A distributed denial of service (DDoS) attack is when a threat actor floods a website or a network with a large number of requests to make a service inaccessible.

The Bleeping Computer magazine became aware of at least one such case: negotiations reached an impasse, after which the operators of the SunCrypt ransomware staged a DDoS attack on the website of an unnamed company.

When representatives of the victim company visited the hackers’ site on the darknet, through which it was necessary to pay the ransom, there they found a message that the DDoS attack would continue until negotiations resumed.

When company representatives asked the hackers why they attacked its website, the ransomware operators replied that it was necessary to resume negotiations.

We were in the process of negotiations, but you did not appear, so we took certain actionswrote the hackers.

When communication between the attackers and the victims was re-established, the DDoS attack was indeed terminated. According to MalwareHunterTeam, this tactic ultimately forced the company to pay the hackers a ransom.

This tactic was particularly effective against this victim as they were a smaller organization that was already greatly affected by the ransomware attack. By combining data theft, the threat of a data breach, lack of access to encrypted files, and now a DDoS attack, a smaller victim could have their operation completely shut downwrite Bleeping Computer journalists.

Considering that currently ransomware operators do not just encrypt company data, but preliminarily steal information, and now frequently use DDoS, small and medium-sized businesses may really have no choice.

In general, big business suffers quite noticeably: recently, the operators of the Maze ransomware published more than 70 GB of data stolen from LG and Xerox and then began to publish data from Canon. But the vendors did not clearly pay the ransom – the structure of a large company, after all, is more resistant to DDOS attacks.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Emma Davis

I'm writer and content manager (a short time ago completed a bachelor degree in Marketing from the Gustavus Adolphus College). For now, I have a deep drive to study cyber security.

Leave a Reply