{
	"id": "75a1db37-a80b-4095-bac5-1ce3e6cb6a06",
	"created_at": "2026-04-06T00:12:07.528884Z",
	"updated_at": "2026-04-10T03:22:04.197519Z",
	"deleted_at": null,
	"sha1_hash": "39937db594280b63d19a89c857ba3341c58f3ebd",
	"title": "Ransomware gangs add DDoS attacks to their extortion arsenal",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 2864137,
	"plain_text": "Ransomware gangs add DDoS attacks to their extortion arsenal\r\nBy Lawrence Abrams\r\nPublished: 2020-10-01 · Archived: 2026-04-05 12:41:15 UTC\r\nA ransomware operation has started to utilize a new tactic to extort their victims: DDoS a victim's website until they return\r\nto the negotiation table.\r\nA distributed denial of service (DDoS) attack is when a threat actor floods a website or a network connection with a large\r\nvolume of requests to make a service inaccessible.\r\nAfter negotiations stalled in a recent ransomware attack, a SunCrypt ransomware affiliate DDoSed a victim's website.\r\nhttps://www.bleepingcomputer.com/news/security/ransomware-gangs-add-ddos-attacks-to-their-extortion-arsenal/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/ransomware-gangs-add-ddos-attacks-to-their-extortion-arsenal/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\nWhen the victim logged back into the ransomware's Tor payment site, they were greeted by a message stating that SunCrypt\r\nwas responsible for the DDoS and will continue the attack if negotiations do not continue.\r\n\"At the moment your website is down due to the efforts of our tech. Please send us a message asap or further actions will be\r\ntaken,\" the SunCrypt ransomware operator warned a victim.\r\nWhen the victim asked why they were taking their website down, the ransomware operators stated that it was to force\r\nnegotiations.\r\n\"We were in thr [sic] process on the negotiations and you didn't show up so further actions were taken,\" the threat actors\r\nstated.\r\nSunCrypt telling victim they are DDoSing the website\r\nClick for larger version\r\nAfter the victim began ransom negotiations again, the ransomware operator agreed to have the \"tech\" turn off the DDoS\r\nattack.\r\nSunCrypt agreed to terminate the DDoS attack\r\nMalwareHunterTeam, who shared the chat with BleepingComputer, told us that this tactic ultimately led to the victim paying\r\nthe ransom.\r\nThis tactic was particularly effective against this victim as they were a smaller organization that was already greatly affected\r\nby the ransomware attack.\r\nBy combining data theft, the threat of a data breach, lack of access to encrypted files, and now a DDoS attack, a smaller\r\nvictim could have their operation completely shut down.\r\nThis is another example of ransomware gangs updating their tactics to increase pressure on their victims so that they feel\r\nthere is no choice but to pay the ransom.\r\nhttps://www.bleepingcomputer.com/news/security/ransomware-gangs-add-ddos-attacks-to-their-extortion-arsenal/\r\nPage 3 of 4\n\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/ransomware-gangs-add-ddos-attacks-to-their-extortion-arsenal/\r\nhttps://www.bleepingcomputer.com/news/security/ransomware-gangs-add-ddos-attacks-to-their-extortion-arsenal/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/ransomware-gangs-add-ddos-attacks-to-their-extortion-arsenal/"
	],
	"report_names": [
		"ransomware-gangs-add-ddos-attacks-to-their-extortion-arsenal"
	],
	"threat_actors": [],
	"ts_created_at": 1775434327,
	"ts_updated_at": 1775791324,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/39937db594280b63d19a89c857ba3341c58f3ebd.pdf",
		"text": "https://archive.orkl.eu/39937db594280b63d19a89c857ba3341c58f3ebd.txt",
		"img": "https://archive.orkl.eu/39937db594280b63d19a89c857ba3341c58f3ebd.jpg"
	}
}