Ransomware operators have adopted a dastardly new strategy

News
By
published

Victims of ransomware attacks are being harassed over the phone

security
(Image credit: Shutterstock / binarydesign)

A number of different ransomware groups have adopted a new strategy designed to further intimidate victims: harassment over the phone.

Reports from multiple cybersecurity firms suggest the trend emerged in late summer and is targeted primarily at businesses suspected of using data backups to restore systems after an attack.

Ransomware operators known to have contacted victims via telephone include Sekhmet, Maze, Conti and Ryuk. According to security company Coveware, recurring call scripts suggest these groups may have outsourced the task to the same call center.

“We are aware of a 3rd party IT company working on your network. We continue to monitor and know that you are installing SentinelOne antivirus on all your computers. But you should know that it will not help,” one victim was told over the phone.

“If you want to stop wasting your time and recover your data this week, we recommend that you discuss this situation with us in the chat or the problems on your network will never end.”

Evolution of ransomware

Since ransomware grew to prominence in the mid-2000s, attacks have become increasingly sophisticated and operators have deployed ever more dastardly tactics. The most significant development in the space can be seen in the frequency with which data is now exfiltrated as part of an attack. 

Previously, ransomware simply encrypted files on a business’s network, making them inaccessible, but this problem could be resolved by restoring data from a backup. However, by lifting corporate data as well as encrypting systems, ransomware operators give themselves far greater leverage in negotiations, over which the threat of a data leak looms large.

The use of phone calls as a means of intimidation can be seen as another step in the evolution of this highly effective form of cyberattack.

This year alone, multiple high-profile companies have fallen victim to ransomware, including Canon, Capcom, Kmart, Equinix and Cognizant. Operators also launched attacks against healthcare facilities at the height of the pandemic, preventing proper care from being administered.

Even in cases in which the business pays the ransom, there can be no guarantee the stolen data is deleted, opening the door to secondary extortion attempts.

Via ZDNet

Joel Khalili
Joel Khalili
News and Features Editor

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He's responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.

Latest in Security
Woman shocked by online scam, holding her credit card outside
Cybercriminals used vendor backdoor to steal almost $600,000 of Taylor Swift tickets
Woman using iMessage on iPhone
UK government guidelines remove encryption advice following Apple backdoor spat
Cryptocurrencies
Ransomware’s favorite Russian crypto exchange seized by law enforcement
Wordpress brand logo on computer screen. Man typing on the keyboard.
Thousands of WordPress sites targeted with malicious plugin backdoor attacks
HTTPS in a browser address bar
Malicious "polymorphic" Chrome extensions can mimic other tools to trick victims
ransomware avast
Hackers spotted using unsecured webcam to launch cyberattack
Latest in News
MacBook Air mute key
The new M4 MacBook Air finally fixes an Apple keyboard annoyance that's been around for decades
A collage of Ellie and Joel in The Last of Us season 2
The Last of Us season 2's new trailer teases a huge showdown between Bella Ramsey's Ellie and Pedro Pascal's Joel, but the big moment I'm waiting for is still being held back
Apple iPhone 16 Pro Max REVIEW
New iPhone 17 Air leak may have revealed some key specs – and how it compares to the iPhone 17 Pro Max
Gaming with AI
I asked Gemini to play a text-based adventure game with me and the AI whisked me away to a word-based fantasy
Apple iPhone 16 Review
Three iPhone 17 model dummy units appear in a hands-on video leak
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
New Samsung Galaxy S25 Edge may have revealed some key details – including its price
More about security
Woman shocked by online scam, holding her credit card outside

Cybercriminals used vendor backdoor to steal almost $600,000 of Taylor Swift tickets
Cryptocurrencies

Ransomware’s favorite Russian crypto exchange seized by law enforcement
70mai 360 Omni 4K Dash Cam

I've reviewed dozens of dash cams, and 70mai's new rotating 4K dash cam is unlike any other
See more latest
Most Popular
International Space Station
Is the moon too far for your data? IBM's Red Hat is teaming up with Axiom Space to send a data center into space
Samsung NAND
Well, that's unexpected: Samsung will team up with its fiercest Chinese rival to produce next gen NAND flash
MacBook Air mute key
The new M4 MacBook Air finally fixes an Apple keyboard annoyance that's been around for decades
Gaming with AI
I asked Gemini to play a text-based adventure game with me and the AI whisked me away to a word-based fantasy
A collage of Ellie and Joel in The Last of Us season 2
The Last of Us season 2's new trailer teases a huge showdown between Bella Ramsey's Ellie and Pedro Pascal's Joel, but the big moment I'm waiting for is still being held back
Molecular hard drive
Chinese researchers are looking to create a revolutionary type of hard drive based on organic materials but huge unknowns remain
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 10 (game #1141)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 10 (game #372)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 10 (game #638)
Apple iPhone 16 Pro Max REVIEW
New iPhone 17 Air leak may have revealed some key specs – and how it compares to the iPhone 17 Pro Max