Tech | Visa | Scholarship/School | Info Place

Ransomware gangs’ new extortion tactics?call front desk

When a hacker calls the company his gang claims to have compromised, he feels the same way most of us feel when we call the front desk: frustration.

The ransomware gang has posted phone calls on its dark website between hackers claiming to represent ransomware gang DragonForce and employees of victim companies, in an apparent attempt to pressure the company to pay the ransom. In reality, the call recording merely shows a somewhat hilarious but failed attempt to extort and intimidate rank-and-file company employees.

The recordings also show how ransomware gangs are always looking for different ways to intimidate the companies they hack.

“It is increasingly common for threat actors to contact via phone calls, and this should be factored into an organization’s response plan. Do we engage or not? Who should engage? You don’t want to make these while a threat actor is listening to your hold music decision,” said Emsisoft threat analyst Brett Callow.

During the call, the hacker asked to speak to the “management team.” Instead, two different employees told him to wait until Beth from HR answered the phone.

“Hi Beth, how are you?” Hacker said.

After a minute, the two couldn’t hear each other clearly, and Beth told the hacker that she was unfamiliar with the data breach the hacker claimed. When the hacker tried to explain what was going on, Beth interrupted and asked, “Now, why are you attacking us?”

“Is there any reason you chose us?” Beth insisted.

“Don’t bother me, okay? I just want to help you,” the hacker replied, growing increasingly frustrated.

The hacker then explained to Beth that the company she worked for had only eight hours to negotiate before the ransomware gang released the company’s stolen data.

“It will be released for public access and will be used by criminals for fraudulent activities and terrorism,” the hackers said.

“Oh, okay,” Beth said, clearly confused and not understanding where the data would be.

“So it’s going to be on X?” Beth asked. “Is that Dragonforce.com?”

The hackers then threatened Beth, saying they would start calling the company’s customers, employees and partners. The hacker added that they had contacted the media and provided a recording of a previous call with one of her colleagues, which was also on the gang’s dark website.

“So this included a conversation with Patricia? Because you know, that’s illegal in Ohio,” Beth said.

“Excuse me?” the hacker responded.

“You can’t do that in Ohio. Did you record it, Patricia?” Beth continued.

“Ma’am, I’m a hacker. I don’t care about the law,” the hacker replied, becoming even more frustrated.

The hacker then tries again to convince Beth to negotiate, but to no avail.

“I would never negotiate with a terrorist or a hacker, like you put it,” Beth responded, asking the hacker to confirm a good phone number to call them back.

When the hacker said they “didn’t have a phone number,” Beth had had enough.

“Okay, I’ll end this call now,” she said. “I think we spent enough time and effort on this.”

“Well, good luck,” Beth said.

“Thanks and take care,” the hacker said.

The company allegedly hacked in this incident did not respond to a request for comment. TechCrunch is withholding names to avoid helping hackers extort the company.

Read more on TechCrunch:

#Ransomware #gangs #extortion #tacticscall #front #desk

Leave a Reply

Your email address will not be published. Required fields are marked *