The REvil ransomware operators are using DDoS attacks and voice calls to journalists and victim’s business partners to force victims to pay the ransom.
The announcement shows an improvement in the double-extortion tactic, which doesn’t limit to threatening the victims to leak the stolen files in case they don’t pay the ransom.
According to Bleepingcomputer, in February the REvil ransomware gang published a job notice where they searching for experts to perform DDoS attacks and use VOIP calls to contact victims and their business partners.
The malware researcher who goes online with the moniker 3xp0rt reported that REvil operators are offering to their network of affiliates new options to make pressure on victims, in particular calls to news media and business partners for free, and DDoS (Layer 3 and 7) attacks as a paid service.
REvil Ransomware launched a service for contact to news media, companies for the best pressure at no cost, and DDoS (L3, L7) as a paid service.
Also, they reminded about developing support for VM ESXi and a polymorphic engine for windows. pic.twitter.com/MahKROK161
— 3xp0rt (@3xp0rtblog) March 6, 2021
Unfortunately, these extortion options are not a novelty in the threat landscape. Multiple ransomware gangs use VOIP calls and DDoS attacks to make pressure on the victims.
If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
Cyber Defense Magazine