Recently, more and more ransomware gangs tend to threaten their targets with DDoS attacks in order to secure profits. Among them is now added the Avaddon ransomware gang. The gang uses DDοS attacks to force a victim to contact them and negotiate a ransom.
DDoS attacks aim to make a computer or service unable to accept other connections and thus not be able to serve potential customers. In other words, in a DDoS attack, a threat factor "floods" a site or network connection with more requests than it can handle, leaving the public unable to access.
It is worth noting that DDos attacks are among the 5 most dangerous cyber attacks, as in order to succeed completely the attacker must have under their operation one network computer, called zombie net or botnet.
In October 2020, BleepingComputer reported that many ransomware gangs began using DDoS attacks against networks or sites potential victims, as an additional tool to force them to pay a ransom. At that time, the two companies that used this new tactic were SunCrypt and RagnarLocker.
Many ransomware companies under attack are recovering from copies security and do not even get into the process of communicating with the attackers.
For this reason, the Avaddon ransomware gang now uses DDoS attacks to "hit" a victim's site or network until the victim communicates with them and begins to negotiate.
Her analyst Emsisoft Brett Callow, who shared this development with BleepingComputer, noted the following: "It is not at all strange to see threatening factors combining ransomware and DDoS "DDoS is cheap, easy and in some cases can help hackers convince some companies that fast payment is the least painful option, thus increasing their chances of getting paid."
Callow added that when the Maze introduced a double blackmail strategy, other ransomware gangs quickly adopted the method. It is too early to say whether the threatening agents will adopt the same tactics as DDoS attacks.