Security News > 2021 > March > Ransomware gang plans to call victim's business partners about attacks
The REvil ransomware operation announced this week that they are using DDoS attacks and voice calls to journalists and victim's business partners to generate ransom payments.
The REvil ransomware operation, also known as Sodinokibi, is a ransomware-as-a-service where the ransomware operators develop the malware and payment site, and affiliates compromise corporate networks to deploy the ransomware.
In February, the REvil ransomware operation posted a job notice where they were looking to recruit people to perform DDoS attacks and use VOIP calls to contact victims and their partners.
The ransomware gang is likely assuming that warning businesses that their data may have been exposed in an attack on of their partners, will create further pressure for the victim to pay.
In January 2021, the Avaddon ransomware gang began using this tactic as well, so it is not surprising to see other operations begin utilizing these attacks as well.
While VOIP calls to victims to exert pressure have been used by numerous ransomware operations, BleepingComputer is not aware of calls made to journalists or victim's business partners.
News URL
Related news
- Six ransomware gangs behind over 50% of 2024 attacks (source)
- CISA warns of Jenkins RCE bug exploited in ransomware attacks (source)
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- Most Ransomware Attacks Occur When Security Staff Are Asleep, Study Finds (source)
- Most ransomware attacks occur between 1 a.m. and 5 a.m. (source)
- New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data (source)
- Lateral movement: Clearest sign of unfolding ransomware attack (source)
- BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave (source)
- U.S. Agencies Warn of Iranian Hacking Group's Ongoing Ransomware Attacks (source)
- Ransomware crisis deepens as attacks and payouts rise (source)