Bandwidth.com has been suffering DDoS attacks for the past 3 days nonstop.
Bandwidth.com is the newest victim of DDoS attacks, explicitly targeting voice over Internet Protocol (VoIP) services providers. According to sources, the attack against Bandwidth caused countrywide voice and message services outages. The attackers are yet unidentified.
SEE: Yandex hit by largest DDoS attack involving 200,000 hacked devices
The company referred to the attack as an ‘incident’ that affected its Voice and Messaging services, and customers were experiencing unexpected failures.
“Bandwidth is investigating an incident impacting Voice and Messaging Services. Calls and Messages may experience unexpected failures. All teams are actively engaged,” the company’s status page stated on Sep 26, 12:35 EDT.
While Bandwidth didn’t officially confirm that it has become a victim of a DDoS attack, its customer support staff is informing customers that a distributed denial of service (DDoS) attack disrupted their services. For instance, a customer posted a screenshot on Reddit, which was sent to him by Bandwidth’s Technical Assistance Center manager that read:
“Bandwidth continues to experience a DDoS attack which is intermittently impacting our services. Our network operations and engineering teams continue active mitigation efforts to protect our network.”
What Happened?
Reportedly, Bandwidth experienced unexpected disruptions in their voice and messaging services starting from 25th September 2021 at around 3:31 p.m. EST. Since then, the company has been updating its clients and customers about its services status. Bandwidth claims that the outages affected voice, messaging, Enhanced 911 services, and access to the portal.
Being one of the leading telephony providers for US VOIP companies, the services outage at Bandwidth has impacted other VOIP vendors including:
- Accent
- Twilio
- Phone.com
- DialPad
- RingCentral.
However, none of these vendors pointed fingers at Bandwidth for their service disruptions, and instead, they are blaming an unidentified upstream provider for the problem.
Previous Attacks
It is alleged that the notorious REvil ransomware gang or someone impersonating as REvil has been targeting renowned VOIP service providers. Earlier in September, two UK-based ITSP (Internet and Telephony Service Providers), VoIP Unlimited and Voipfone, were attacked, and the attackers made a colossal ransom demand.
In mid-September, a Quebec-based internet phone service provider VoIP.ms was hit by DDoS, causing severe operational disruption. The company also received a ransom demand.
Is It an Extortion-Based Attack??
In what can be termed a catastrophic month for VoIP service providers, many high-profile firms have become victims of extortion-based DDoS attacks. Reportedly, attackers demanded one bitcoin or $45,000 from VoIP.ms and later increased it to 100 bitcoins/$4.5 million.
SEE: Major EU country hit by crippling DDoS attacks
Bandwidth.com is yet to confirm whether they have received a ransom demand from the attackers. We have contacted the company for clarification, but we haven’t received any response so far. We will update you as soon as we get some clarity over the nature of the attack.
