According to reports, ransomware operators are ganging up to launch repeated DDoS attacks against a victim’s website to force them to the negotiating table.
The reports quote Brett Callow, threat analyst at Emsisoft, who isn’t surprised at this new modus operandi: “DDoS is cheap, easy and in some cases may help convince some companies that speedy payment is the least painful option. The more pressure the criminals can put companies under, the better their chances of extracting payment.”
- Stay safe with these best ransomware protection tools
- We’ve also compiled a list of the best antivirus products
- These are some of the best endpoint protection software
Ransomware operations that target business networks will often steal a victim's unencrypted files as well. The original tactic was to leak the unencrypted files if the ransom isn't paid. In such an attack last year, BleepingComputer reported that an affiliate of the SunCrypt ransomware launched a DDoS attack on their victim to force them back to the negotiating table.
The Avaddon ransomware is the latest to join the ranks and has reportedly DDoSed the website of one of its victims after stealing about 44GB of personal and financial documents.
The operators of the Maze ransomware were the first ones to get multiple different threat actors to join forces and exchange tactics for more powerful strikes against their targets. It isn’t yet clear if Avaddon has joined the Maze syndicate or whether it has decided to spearhead a new operation of its own.
- Here are some of the best malware removal software