BBS:      TELESC.NET.BR
Subject:  Hackers installing in-person
From:     Mike Powell
Date:     Thu, 28 May 2026 08:46:28 -0500
-----------------------------------------------------------
Hackers are turning up to victim's work dressed as IT support to install 
malware in-person, FBI warns

Date:
Thu, 28 May 2026 12:05:00 +0000

Description:
If a remote session fails, hackers will come to install malware in person.

FULL STORY
The Federal Bureau of Investigation (FBI) is warning about hackers showing up 
at people's offices, pretending to be IT support. They sit at people's desks, 
pull all sensitive files onto an external drive and leave malware behind, all 
while pretending to be fixing a technical problem. 

In a newly released flash alert, the FBI says this cheeky attack is being 
carried out by a threat actor calling itself the Silent Ransom Group (SRG). 
This threat actor, active for roughly four years now, starts its attack with 
a phone call. It mostly targets US-based law firms and first tries to get the 
victim to install a remote desktop management solution and grant access. 
If that attempt fails, the attackers will come, in person, carrying flash 
drives, external disks, and other equipment needed to execute the attack. 
Once they steal the files, they'll quietly escalate privileges and step away, 
engaging in extortion at a later date:
 
"By sending someone in-person to the victim's location to facilitate the
intrusion, SRG actors exfiltrate data to an external hard drive or USB drive 
inserted by the threat actor into the victim's computer," the FBI explained.
"SRG actors use the exfiltrated victim data to extort the victim by sending a
ransom email threatening to sell or post the data online. SRG actors also 
call employees or clients of a victim company to pressure the victim to begin 
ransom negotiations.

"Finally, the crooks have their own data leak website where they
name-and-shame, in order to pressure the victims into paying the ransom 
demand."

SRG is also known as Luna Moth, Chatty Spider, and UNC3753, the FBI further 
explained. The group was first seen back in 2022, and while it struck 
organizations in different industries, it is primarily focused on law firms 
in the US. According to BleepingComputer, this group was previously linked 
to BazarCall campaigns, as well as Conti and Ryuk ransomware incidents. 

 Via BleepingComputer

Link to news story:
https://www.techradar.com/pro/security/hackers-are-turning-up-to-victims-work-dressed-as-it-support-to-install-malware-in-person-fbi-warns

$$
--- MultiMail/DOS
 * Origin: Capitol City Hub (1:2320/105)

-----------------------------------------------------------