Slashdot reader Striek writes: VoIP.ms, a Canadian VoIP provider [also serving the US], has been under a sustained, and presumably massive DDoS attack which started on the September 16th, 2021. The attack has been disruptive enough to be covered by major media outlets, including Hacker News, ZDNet, Ars Technica, BleepingComputer, CTV News, and The Toronto Star.
They have so far refused to pay a ransom demand, which has grown from 1 bitcoin at the outset ($45,000 USD at that time), to 100 bitcoin now, or $45 million. Similar attacks have occurred recently on several UK based VOiP providers.
With DDoS attacks against VOiP infrastructure difficult to defend against — or at least more difficult than your bog-standard denial of service, this may be setting a worrying trend.
Bleeping Computer reported Monday that the attack was “severely disrupting the company’s operation:
As customers configured their VoIP equipment to connect to the company’s domain name, the DDoS attack disrupted telephony services, preventing them from receiving or making phone calls. As DNS was no longer working, the company advised customers to modify their HOSTS file to point the domain at their IP address to bypass DNS resolution. However, this just led the threat actors to perform DDoS attacks directly at that IP address as well.
To mitigate the attacks, VoIP.ms moved their website and DNS servers to Cloudflare, and while they reported some success, the company’s site and VoIP infrastructure still have issues due to the continued denial-of-service attack.
ZDNet has been following the story:
In an update on Wednesday, VoIP.ms apologized to customers and confirmed it was still being targeted by what it described as a ‘ransom DDoS attack’ . VoIP.ms says it has over 80,000 customers in 125 countries.
And in addition, this afternoon the company’s Twitter account announced that “Our main U.S. upstream carrier is currently experiencing major issues on their network affecting inbound and outbound calls and messaging to US numbers. We have already been in contact with their senior leadership team and they are on it along with their whole NOC.”
Read more of this story at Slashdot.