A new ransomware attack tactic has been used by hackers to blackmail their victims: They are launching DDoS attacks on the victim's website, until they pay the liters to decrypt their files.
A DDoS attack is when a malicious user στέλνει μεγάλο πακέτο data on a website or when sending a large volume of requests. Its purpose is to make a service unavailable due to workload.
It all started with a ransomware site from SunCrypt. After the negotiations were delayed, the website was attacked by DDoS.
When the victim returned to negotiations with the blackmailers, he received a message stating that SunCrypt was responsible for DDoS and would continue the attack if negotiations did not continue.
"Your website is currently down modebecause of us. Send us a message as soon as possible or further action will be taken,” warned the operator of the SunCrypt ransomware.
When the victim asked why their site was down, ransomware operators said they were doing so in order to force them to negotiate.
So after the victim resumed ransom negotiations, the ransomware maker agreed to stop the DDoS attacks.
Η MalwareHunterTeam said that this tactic eventually led the victim to pay the ransom.
This tactic was very effective. Combining data theft, lack of access to encrypted files and now a DDoS attack, a small business turnover victim could close his business altogether.
This is another example of ransomware groups upgrading their tactics to increase the pressure on their victims so that they feel there is no other choice from paying the ransom.