Bandwidth.com has become the latest victim of distributed denial of service attacks targeting VoIP providers this month, leading to nationwide voice outages over the past few days.

Starting September 25th at 3:31 PM EST, Bandwidth began reporting that they were experiencing unexpected failures with their voice and messaging services. Bandwidth is a voice over Internet Protocol (VoIP) services company that provides voice telephony over the Internet to businesses and resellers.

Source

WHAT IS DDOS?

DDoS attacks try to take down websites or entire networks by overwhelming them with traffic from thousands of infected computers, collectively known as a botnet. Banks, news sites, and even governmental sites are the main targets of DDoS attacks, which then make the sites unavailable to users. And since both the target and the computers being used in the botnet are victims, individual users become collateral damage in the attack, their PCs slowing down or crashing while unwittingly working for the hacker.

Source

Since then, Bandwidth has been providing frequent status updates detailing outages affecting voice, Enhanced 911 (E911) services, messaging, and access to the portal.

As Bandwidth is one of the leading telephony providers for US voice over IP companies, many other VoIP vendors reported outages over the past few days, including Twilio, Accent, DialPad, Phone.com, and RingCentral.

While it has not been confirmed if these outages are related to Bandwidth’s service disruption, all of the above carriers stated that another upstream provider has caused their outages.

“The upstream provider has indicated that service has returned to normal operation. We will continue to monitor this situation and report any new information as it becomes available. Customers should be prepared for potential impairments of inbound services within 12-16 hours as the potential exists for this DDoS attack to return. We will not close this issue until services have returned to the normal operation for a period of 72 hours.” – Accent’s status page.

Twilio initially told BleepingComputer that they were not affected by Bandwidth’s attack, but their status page states that they had issues with Bandwidth today.

“Monitoring – We are observing recovery in Twilio Voice call quality and connection issues. Bandwidth is reporting the issue resolved as well. We will continue monitoring the service to ensure a full recovery. We will provide another update in 2 hours or as soon as more information becomes available.” Twilio’s status page.

Bandwidth.com hit with a DDoS attack

Earlier this month, VoIP provider VoIP.ms suffered a catastrophic week-long DDoS attack that took down almost all of their services and portals, leaving their customers without voice services.

The VoIP.ms attack was an extortion DDoS attack where threat actors impersonating the ransomware group ‘REvil’ initially demanded one bitcoin ($45,000) to halt their attacks but later increased it to 100 bitcoins ($4.5 million).

Source