Yet more ransomware operators are using DDoS attacks as leverage

security

(Image credit: Shutterstock / binarydesign)

In what is fast emerging as a disturbing trend, another ransomware gang has now resorted to using Distributed Denial of Service (DDoS) attacks to knock their victim’s websites offline.

According to reports, ransomware operators are ganging up to launch repeated DDoS attacks against a victim’s website to force them to the negotiating table.

The reports quote Brett Callow, threat analyst at Emsisoft, who isn’t surprised at this new modus operandi: “DDoS is cheap, easy and in some cases may help convince some companies that speedy payment is the least painful option. The more pressure the criminals can put companies under, the better their chances of extracting payment.”

Double extortion

Ransomware operations that target business networks will often steal a victim’s unencrypted files as well. The original tactic was to leak the unencrypted files if the ransom isn’t paid. In such an attack last year, BleepingComputer reported that an affiliate of the SunCrypt ransomware launched a DDoS attack on their victim to force them back to the negotiating table.

The Avaddon ransomware is the latest to join the ranks and has reportedly DDoSed the website of one of its victims after stealing about 44GB of personal and financial documents.

The operators of the Maze ransomware were the first ones to get multiple different threat actors to join forces and exchange tactics for more powerful strikes against their targets. It isn’t yet clear if Avaddon has joined the Maze syndicate or whether it has decided to spearhead a new operation of its own.

Via: BleepingComputer

January 25, 2021
To Top