DDoS Cyber Attack Disrupts Phone Calls on VOIP.ms

VoIP.ms, a telephony service provider based in Quebec, is currently dealing with an aggressive Distributed Denial of Service (DDoS) cyber assault, disrupting phone calls and services.

The problem began on September 16 and has strained VoIP provider’s systems, websites, and operations. VoIP.ms provides services to over 80,000 clients across 125 countries, many of whom are now having trouble making phone calls.

Services and conversations were disrupted by a DDoS attack.

Last week, VoIP.ms, a Canadian voice-over-IP service provider, announced that it was aware of an issue that was preventing customers from accessing its website, and it was working on a solution.

Fast forward to right now: the problem has still not been resolved, and it is being attributed to a sustained DDoS assault.

The most common type of distributed denial-of-service attack (DDoS) is a worldwide cyber assault in which numerous computers are simultaneously utilized by an attacker to make a large number of requests against the server’s capacity.

As a result, when confronted with a sophisticated DDoS assault, an Internet server may be unable to handle traffic or even crash.

VoIP technologies allow for the making of telephone calls via servers that are connected to the Internet, thus they are vulnerable to DDoS attacks.

VoIP.ms is still fighting the cyber assault, as of today:

All our resources are still working at stabilizing our website and voice servers due to the ongoing DDoS attacks. We understand the significance of the impact on our clients’ operations and want to reassure you that all of our efforts are being put into recovering our service.

— VoIP.ms (@voipms) September 22, 2021

Ars discovered that the VoIP.ms website is now asking visitors to solve captchas in order to access it. The website was occasionally displaying HTTP 500 (server error) messages before this.

The site adds, “a Distributed Denial of Service (DDoS) assault continues to target our Websites and POP servers. Our staff is putting forth continuous efforts to stop it, but the service is currently being hampered.”

Extortionists have demanded more than $4.2 million in ransom during a cyberattack.

Exchanges of tweets between VoIP.ms and the threat actors are revealing. The REvil DDoS attackers are known as “REvil,” although it’s unclear whether they’re the same REvil ransomware gang that attacked big firms including the world’s largest meat processor, JBS.

In addition, based on the many demands made by the threat actor to VoIP.ms for bitcoins, this attack has been branded an extortion campaign.

“This is possibly a cyber extortion campaign. They bring down services via DDoS and then demand money. Don’t know if the DDoS attack and the ransom demand are from the same idiots,” the attackers’ Bitcoin request of 1 BTC, or around $42,000 according to noted Twitter user PremoWeb, was revealed in a Pastebin note that has since been removed. The following is the text of the deleted note obtained by Ars:”

OK, that’s enough talking… Our price to stop is now $100 worth of Bitcoins into the Pastebin BTC address. I’m sure your clients will like your attitude in a lawsuit after lawsuit. “REvil” signed a tweet reading, ”

Last month, a DDoS attack against UK-based telecom VoIP Unlimited was reported, believed to have been launched by “REvil.” However, the REvil ransomware mastermind is unlikely to be the same as the ones behind these assaults.

“REvil is not known for DDoS attacks or publicly demanding ransoms, in a manner done in the VoIP.ms attack,” according to Bleeping Computer, the reason for this is that Apple has increased its support staff by 50 percent since last year.

“This attack’s method of extortion makes us believe that the threat actors are simply impersonating the ransomware operation to intimidate VoIP.ms further.”

Customers of VoIP.ms may keep track of the firm’s Twitter feed for news on the situation.