In an effort to put more pressure on their victims, some gangs ransomware have adopted the technique cold-calling. Nouns, when the hackers suspect that the victims trying to recover them archives their copies security to avoid paying the ransom, they call them on the phone and put pressure on them.
"We have seen this trend at least since August-September", The Director of IR & Cyber Threat Intelligence of Arete Incident Response told ZDNet.
According to the company security, Emsisoft, some of the ransomware gangs that have used the cold-calling technique are: Sekhmet and Maze (which have now ceased their activities) as well as Accounts and Ryuk.
"We think it's the same call center team that works for all ransomware gangs, as the templates and scripts are basically the same with some variationsSaid Bill Siegel, CEO and co-founder of the security company Coveware.
Arete IR and Emsisoft said they had seen such phone calls from their customers.
According to a recorded call made on her behalf ransomware Maze gang, and was notified to ZDNet, the callers had a strong accent, which means that English was not their mother tongue.
One of the security companies released an example of a cold calling, removing the victim's name:
"We know that an IT company works for your network. We continue to monitor you and know that you are installing SentinelOne antivirus software on all computers your. But be aware that this will not help. If you want to stop wasting your time and get them back data this week, we recommend that you discuss it with us in the chat, otherwise the problems with your network will never end".
Ransomware gangs: They are constantly evolving their methods
Using phone calls is a new tactic used by ransomware gangs to put pressure on victims and make them pay what is required. ransom.
Previous tactics included doubling the amount of money if the victims did not pay within a specified time, threats to inform journalists regarding the breach of company or threats to leakage sensitive documents in so-called "leak sites".
Cold calling tactics for victim pressure have appeared now, but this is not the first time ransomware gangs have called victims (in previous calls it was for cheating).
In April 2017, the UK Action Fraud team told schools and universities that ransomware gangs were calling their offices, pretending to be government officials and trying to defraud officials to open maliciously. archives leading to ransomware attacks.