Some ransomware gangs have begun using a new tactic to persuade their victims to pay a ransom: they threaten to launch a DDoS attack on a victim's site until the victim returns to the negotiating table to pay the ransom required.
In general, DDoS (Distributed Denial Of Service) attacks belong to the category of attacks that are performed more frequently than hackers in global level. This is a dangerous form attack which occupies a large part of its industry cyber security. But what is a DDoS attack?
DDoS is an attack on a computer or network, so it does not allow users to have access to the resources of a system, while the attacker overloads the system with hyperlinks. A DDoS attack is crowned with success when coordinated by botnets, with the result that its power is even greater.
It is worth noting that DDoS attacks are one of the 5 most dangerous types of cyber attacks, because in order to succeed completely, the attacker must have under his control a computer network, which is called zombie net or botnet. In order to become zombies they must be infected with a virus, such as Trojans, and become bots - zombies.
His gang SunCrypt ransomware is a prime example, as it blackmailed a victim with a DDoS attack to force it to negotiate. When the victim returned to the ransomware payment site Tor, he received a message stating that the SunCrypt gang was responsible for the DDoS attack and would continue the attack if the victim did not return to negotiations.
Specifically, the message that appeared to the victim stated the following: "Currently your site is down due to the efforts of our technology. Send us a message as soon as possible, otherwise we will take further action. "
When the victim asked why his site was down, ransomware operators said that with the DDoS attack they wanted to force him to negotiate. Specifically, the gang told the victim the following: "We were in the [[sic]] negotiation process and you did not show up, so further action was taken."
After the victim resumed negotiations for ransom, the ransomware gang agreed to stop the DDoS attack.
The MalwareHunterTeam told BleepingComputer that this tactic eventually led the victim to pay the ransom. This was a very effective tactic against this victim, as it was a small organization that had already been greatly affected by the ransomware attack.
In case ransomware gangs combine theft data, the threat violation lack of access to encrypted data archives and a DDoS attack, can severely and irreparably affect a smaller organism and possibly lead to its "shutdown".