Hackers Disguised as IT Support Installing Malware In-Person, FBI Warns

Warning from the FBI 🚨

The Federal Bureau of Investigation (FBI) has issued a warning about hackers posing as IT support at workplaces. These hackers infiltrate offices, sit at employees’ desks, and while pretending to fix technical issues, they steal sensitive files onto external drives and leave malware behind.

In a recent flash alert, the FBI highlighted the activities of a group known as the Silent Ransom Group (SRG), which has been active for about four years. Their attacks often begin with a phone call to the victim.

How the Attack Works 🔍

The FBI explained, “By sending someone in-person to the victim’s location to facilitate the intrusion, SRG actors exfiltrate data to an external hard drive or USB drive inserted by the threat actor into the victim’s computer.” This stolen data is then used to extort the victim through ransom emails, threatening to sell or publish the data online. Additionally, SRG actors may contact employees or clients of the victim company to pressure them into ransom negotiations.

About the Silent Ransom Group 🕵️‍♂️

SRG is also referred to as Luna Moth, Chatty Spider, and UNC3753. This group first emerged in 2022 and has targeted various industries, with a particular focus on law firms in the United States. According to BleepingComputer, SRG has been linked to previous campaigns involving BazarCall, as well as Conti and Ryuk ransomware incidents.

For more details, check out the full article here: Read full article\n