Bandwidth.com became the latest victim of DDoS attacks targeting VoIP providers this month, leading - in recent days - to a global break in voice communications.
Bandwidth is a Voice over Internet Protocol (VoIP) service company that provides Internet voice telephony to businesses and resellers.
Starting September 25 at 3:31 p.m. EST, Bandwidth began reporting that they were experiencing unexpected failures with voice and messaging services.
Since then, Bandwidth has provided frequent status updates reporting interruptions affecting voice, Enhanced 911 (E911) services, messaging, and gateway access.
As Bandwidth is one of the leading telephony providers for US VoIP companies, many other VoIP providers have reported downtime in recent days, including Twilio, Accent, DialPad, Phone.com and RingCentral.
Although it has not been confirmed whether these interruptions are related to the interruption of Bandwidth service, all of the above operators stated that another vendor caused their interruptions.
Twilio initially told BleepingComputer that it was not affected by the Bandwidth attack, but its status page today states that it had problems with Bandwidth.
Bandwidth.com was attacked by DDoS
Earlier this month, VoIP provider VoIP.ms suffered a devastating one-week DDoS attack that destroyed almost all of their services and gateways, leaving their customers without voice services.
The VoIP.ms attack was a blackmail DDoS attack in which ransomware posing as the "REvil" ransomware group initially demanded a bitcoin ($ 45.000) to stop attacks but later increased the amount to 100 bitcoins ($ 4,5 million).
Because of this recent attack, Bandwidth customers immediately suspected that Bandwidth was suffering from a similar DDoS attack.
As the services VoIP usually routed over the Internet and requiring servers and endpoints to be publicly accessible, are primary targets for DDoS attacks.
To carry out these DDoS attacks, malicious agents will flood servers, portals and gateways, sending more requests than they can handle, making targeted devices and servers inaccessible to anyone else.
At this time, Bandwidth has not publicly revealed the reason for the outage and has not answered questions.
However, Bandwidth customers told BleepingComputer that employees said a DDoS attack caused the outage.
Another customer shared a screenshot on Reddit of a customer support message allegedly from the director of the Technical Assistance Center, who states that a DDoS attack is responsible for downtime.
At the moment, Bandwidth reports that its services have been restored and it is not clear whether the threatening agents stopped their attacks or were paid.
Source of information: bleepingcomputer.com