{
	"id": "b3aa575e-5d66-4cf6-836f-a8929fda09fa",
	"created_at": "2026-04-06T00:12:07.712574Z",
	"updated_at": "2026-04-10T13:11:24.281152Z",
	"deleted_at": null,
	"sha1_hash": "8bb0ec3ee270ece3c7aa2327e980327aba5e26dd",
	"title": "UK VoIP telco receives 'colossal ransom demand', reveals REvil cybercrooks suspected of 'organised' DDoS attacks on UK VoIP companies",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 45760,
	"plain_text": "UK VoIP telco receives 'colossal ransom demand', reveals REvil\r\ncybercrooks suspected of 'organised' DDoS attacks on UK VoIP\r\ncompanies\r\nBy Tim Richardson\r\nPublished: 2021-09-02 · Archived: 2026-04-05 13:22:30 UTC\r\nTwo UK VoIP operators have had their services disrupted over the last couple of days by ongoing, aggressive\r\nDDoS attacks.\r\nSouth Coast-based Voip Unlimited has confirmed it has been slapped with a \"colossal ransom demand\" after being\r\nhit by a sustained and large-scale DDoS attack it believes originated from the Russian cybercriminal gang REvil.\r\nThis morning, it confirmed that \"services are operational ... however the attacks are still ongoing.\"\r\nSeparately, London-based Voipfone (see status page here) said it is still suffering outages on voice, inbound and\r\noutbound calls, and SMS services. It told customers on Tuesday in a status update that it had been hit by \"a further\r\nDDoS attack\" after the initial attack, revealed to customers via email as having taken place over the Monday bank\r\nholiday.\r\nAt this stage it's not clear if any other UK Internet Telephony Service Providers (ITSP) have been affected.\r\nHowever, UK Comms Council – the industry body that represents ITSPs – has informed members of the industry\r\ngroup about the attacks and issued a reminder to adopt \"appropriate DDoS mitigation strategies.\"\r\nMark Pillow, MD of Voip Unlimited, told us the company takes \"full responsibility of the availability of our\r\nservices to our clients\" and that he is \"extremely sorry for all inconvenience caused.\"\r\nIn a statement, he explained: \"At 2pm 31st August, Voip Unlimited's network was the victim of an alarmingly\r\nlarge and sophisticated DDoS attack attached to a colossal ransom demand.\"\r\nAs a result of the attack some of VoIP Unlimited's network experienced \"intermittent or total loss of internet\r\nconnectivity services\" although customers using its Voip Unlimited Ethernet and Broadband services are\r\nunderstood to have remained largely unaffected.\r\nDissected: A dropper-as-a-service miscreants pay to push their malware onto potentially 1,000s of victims\r\nIn Microsoft's world, cloud email still often requires on-premises Exchange. Why?\r\nMirai-style IoT botnet is now scanning for router-pwning critical vuln in Realtek kit\r\nBlackbaud – firm that paid off crooks after 2020 ransomware attack – fails to get California privacy law\r\nclaim dropped\r\nPillow went on to say the incident was not isolated and that other companies had also been hit.\r\nhttps://www.theregister.com/2021/09/02/uk_voip_telcos_revil_ransom/\r\nPage 1 of 2\n\n\"UK Comms Council have communicated to us that other UK SIP (Session Initiation Protocol) providers are\r\naffected and identified them as a criminal hacking organisation called REvil who appear to be undertaking\r\nplanned and organised DDoS attacks against VoIP companies in the UK,\" he said.\r\nThe full extent of the attack is not yet known, but in an email sent by Voipfone on Tuesday and seen by El Reg the\r\ncompany told customers that its services had been \"intermittently disrupted by a DDoS attack\" over the Bank\r\nHoliday weekend that flooded its network with bogus traffic from tens of thousands compromised devices.\r\nAlthough it had managed to regain some control - biz broadband services are again live after the problem was\r\nresolved late yesterday afternoon - it did warn that the attack may return at some point. The status page is here.\r\nSources close to Voipfone told us that they \"do believe it is the same attack as the other VoIP provider\" but went\r\non to add that they have nothing official to say at the moment other than they are working to resolve the issue as\r\nquickly as possible.\r\nIt goes without saying that customers have become increasingly frustrated at being unable to access key digital\r\ncommunications services following a return to work after the August Bank Holiday weekend.\r\nIn a statement, chair of Comms Council UK Eli Katz told us: \"Comms Council UK is aware of the Denial of\r\nService attacks currently targeting IP-based communications service providers in the UK and that a small number\r\nof our members have been impacted. We have communicated the issue to our membership and are continuing to\r\nliaise closely with them to share further information and support as the situation develops.\"\r\nUK law enforcement agencies have been informed of the attack. ®\r\nSource: https://www.theregister.com/2021/09/02/uk_voip_telcos_revil_ransom/\r\nhttps://www.theregister.com/2021/09/02/uk_voip_telcos_revil_ransom/\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.theregister.com/2021/09/02/uk_voip_telcos_revil_ransom/"
	],
	"report_names": [
		"uk_voip_telcos_revil_ransom"
	],
	"threat_actors": [],
	"ts_created_at": 1775434327,
	"ts_updated_at": 1775826684,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/8bb0ec3ee270ece3c7aa2327e980327aba5e26dd.pdf",
		"text": "https://archive.orkl.eu/8bb0ec3ee270ece3c7aa2327e980327aba5e26dd.txt",
		"img": "https://archive.orkl.eu/8bb0ec3ee270ece3c7aa2327e980327aba5e26dd.jpg"
	}
}