DDoSers take weekend off only to resume campaign against UK's Voipfone on Monday

Firm fingers 'overseas criminals' for sending internet phone business TITSUP*


It never rains but it pours. Internet telephone service provider Voipfone, currently battling a "major outage" across all voice services, has admitted to being hit by an "extortion-based DDoS attack from overseas criminals" that knocked it offline last week.

A Distributed Denial of Service (DDoS) attack took down the company's platform for nearly four hours on the evening of Friday 22 October. Issues were reported on Voipfone's status page at 16:15 BST shortly followed by an apology and a suggestion to customers that "you might wish to set your phones to automatically failover to the PSTN or mobile networks."

The company said: "We're sorry for the disruption to our services, we are defending an extortion-based DDoS attack from overseas criminals," but remained tight-lipped over what was actually going on.

Still, by 20:12 BST on Friday Voipfone reported that its systems had struggled back to their feet. Access had been restored. Surely that would be the end of it?

Er, no. It seems that the evil-doers took the weekend off and attacked Voipfone again yesterday, according to Register reader Richard. Noting that he'd been provided with a monitoring graph this time around, he commended the company on being proactive in the face of the outage.

The company tweeted yesterday afternoon:

VoIPfone's website is back up this morning, though slow to load. At the time of publication, it indicted a "major outage" continued across voice calling services.

Unfortunately there remains frustratingly little information with regard to the DDoS attack, but the status page insists: "Our engineers continue working, trying to resolve the disruption to our service."

The Register attempted to contact the company, but has yet to receive a reply.

A customer told us earlier this morning: "I use Voipfone for my business and this is the second outage lasting more than 24 hours that they have suffered in the recent past.

He claimed that on calling the company yesterday he was told it was again being attacked but the outage was expected to last no longer than an hour.

"No business phone for me means no business, so it's no joke. The communication is paltry and my confidence in VOIP is severely dented. I may have to port my VOIP number over to a good old POTS service (looking forward to that and them losing my number). I can't even call them to get a failover set up (to a mobile or other landline) as their telephone is just a recorded message now and their website has been offline for 12 hours."

In between the attacks on Voipfone, UK retailer Tesco was forced to shutter its online operations due to an attempt to "interfere" with its systems.

Voipfone has suffered at the hands of wrongdoers before. In September its services were "intermittently disrupted by a DDoS attack" as compromised devices flooded its network with bogus traffic. The problems then were noted on 31 August and weren't resolved until 3 September.

Meanwhile, fellow Brit VoIP firm VoIP Unlimited – which came under attack last month – also appeared to have fallen offline yesterday, but its status page claimed all was operational at the time of publication. The South Coast-based firm told The Register back in September that it had been slapped with a "colossal ransom demand" after being hit by a sustained and large-scale DDoS attack it believed originated from the Russian cybercriminal gang REvil.

The chair of Comms Council UK, Eli Katz, said: "Several Comms Council UK members and international IP-based communications service providers have been subjected to Distributed Denial of Service (DDoS) attacks over the past four weeks which appear to be part of a coordinated extortion-focused international campaign by professional cyber criminals."

He said the council was sharing info with law enforcement, the government, the National Cyber Security Centre, Ofcom and international agencies about the nature of the attacks.

Katz added: "As our members supply telecoms services to critical infrastructure organisations including the police, NHS and other public services, attacks on our members are attacks on the foundations of UK infrastructure.

"We are confident that, with a joined-up government-led initiative, this damaging criminal activity can be halted." ®

*Tiresome Internet Traffic Stuffs Up Phones

Similar topics


Other stories you might like

  • India reveals home-grown server that won't worry the leading edge

    And a National Blockchain Strategy that calls for gov to host BaaS

    India's government has revealed a home-grown server design that is unlikely to threaten the pacesetters of high tech, but (it hopes) will attract domestic buyers and manufacturers and help to kickstart the nation's hardware industry.

    The "Rudra" design is a two-socket server that can run Intel's Cascade Lake Xeons. The machines are offered in 1U or 2U form factors, each at half-width. A pair of GPUs can be equipped, as can DDR4 RAM.

    Cascade Lake emerged in 2019 and has since been superseded by the Ice Lake architecture launched in April 2021. Indian authorities know Rudra is off the pace, and said a new design capable of supporting four GPUs is already in the works with a reveal planned for June 2022.

    Continue reading
  • Prisons transcribe private phone calls with inmates using speech-to-text AI

    Plus: A drug designed by machine learning algorithms to treat liver disease reaches human clinical trials and more

    In brief Prisons around the US are installing AI speech-to-text models to automatically transcribe conversations with inmates during their phone calls.

    A series of contracts and emails from eight different states revealed how Verus, an AI application developed by LEO Technologies and based on a speech-to-text system offered by Amazon, was used to eavesdrop on prisoners’ phone calls.

    In a sales pitch, LEO’s CEO James Sexton told officials working for a jail in Cook County, Illinois, that one of its customers in Calhoun County, Alabama, uses the software to protect prisons from getting sued, according to an investigation by the Thomson Reuters Foundation.

    Continue reading
  • Battlefield 2042: Please don't be the death knell of the franchise, please don't be the death knell of the franchise

    Another terrible launch, but DICE is already working on improvements

    The RPG Greetings, traveller, and welcome back to The Register Plays Games, our monthly gaming column. Since the last edition on New World, we hit level cap and the "endgame". Around this time, item duping exploits became rife and every attempt Amazon Games made to fix it just broke something else. The post-level 60 "watermark" system for gear drops is also infuriating and tedious, but not something we were able to address in the column. So bear these things in mind if you were ever tempted. On that note, it's time to look at another newly released shit show – Battlefield 2042.

    I wanted to love Battlefield 2042, I really did. After the bum note of the first-person shooter (FPS) franchise's return to Second World War theatres with Battlefield V (2018), I stupidly assumed the next entry from EA-owned Swedish developer DICE would be a return to form. I was wrong.

    The multiplayer military FPS market is dominated by two forces: Activision's Call of Duty (COD) series and EA's Battlefield. Fans of each franchise are loyal to the point of zealotry with little crossover between player bases. Here's where I stand: COD jumped the shark with Modern Warfare 2 in 2009. It's flip-flopped from WW2 to present-day combat and back again, tried sci-fi, and even the Battle Royale trend with the free-to-play Call of Duty: Warzone (2020), which has been thoroughly ruined by hackers and developer inaction.

    Continue reading

Biting the hand that feeds IT © 1998–2021