A worrying campaign ransomware has been spreading in recent weeks, with such a level of danger that it has even led toFBI to raise the alarm.
The operation is carried out by a group of cybercriminals known as Silent Ransom and, to spread, it uses some advanced techniques phishing which also include the use of specific call center.
The strategy, known as callback phishing, starts from an email that presents a problem to the employee of a targeted company. This is invited to call a call center operated by cybercriminals who, through tactics social engineeringpushes the victim to install software on their computer, paving the way for cyber criminals.
While the app in question may appear legitimate, it is usually using software that gives cybercriminals plenty of room to maneuver. The software used is often very well known to the victim, which makes the hackers’ job even easier. We are talking about completely legitimate services, such as Team Viewer, AndyDesk o Zoho Assist.
Silent Ransom is a group active since 2022, also known as Luna Mothspecialized in scams that use advanced phishing techniques.
Refined callback phishing techniques are a lethal weapon in the hands of cybercriminals
The phenomenon of callback phishing represents the last frontier of ransomware diffusion. This technique, in fact, reduces the risks of detection and allows you to gain access to compromised machines with considerable speed.
In an official note, the FBI wanted to explain in detail how Silent Ransom works “Once victims called the provided phone number, the attackers directed them to join a legitimate system management tool via a link provided in a follow-up email“.
In the document proposed by the famous American agency, some valuable advice is provided to avoid this type of threat.
The FBI advises companies to implement strict policies regarding the use of remote access software. In this sense, individual employees should never move independently but always under the supervision of a cybersecurity expert.