VoIP.ms, a telephony service based on VoIP technology for businesses, was hit with a DDoS attack last week. The threat actors are constantly hitting the service and demanding a ransom to stop.
VoIP.ms‘ website and servers are down as of now, causing trouble to customer services. Alternative ways to access the service have been a hassle too and are not working now.
The DDoS attack against VoIP.ms
The Distributed Denial of Service (DDoS) attack is one of the prime weapons of cybercriminals, who use it against the target’s public-facing service.
In this technique, they direct large amounts of filthy and false traffic against the targeted server and crash it by overflowing its capacity, making the service unreachable even for legitimate users.
VoIP.ms services too were disrupted in the same way, as the threat actors have attacked their infrastructure and official website to crash altogether.
This caused users to face several problems, including loss of service, poor performance, dropped calls, inability to forward lines, etc.
We're aware of an issue that's keeping our customers to properly reach our website, there's a team actively working on the issue as we speak and we expect it is fixed shortly, thanks for your patience!
— VoIP.ms (@voipms) September 16, 2021
With a continuous flow of traffic and the unsettling attitude of attackers,
VoIP.ms had initially advised customers to use its IP address directly instead of a website domain name in the HOSTS file of their devices, but attackers have targeted the IP address too.
It led VoIP.ms to shift its infrastructure to Cloudflare immediately, but that didn’t stop the attacks from anything significant. And when checked in detail, the threat actors, claiming to be from the REvil gang, directed the victim through a ransom note in Pastebin.
While the ransom note was removed, it asked for 1 Bitcoin (around $45,000) to stop the attacks. Later, this was increased to 100 Bitcoins at once (around $4.3 million) after failed talks with VoIP.ms, says the threat actors.