The U.S. Federal Bureau of Investigation (FBI) has released an alert warning private industry in the country about ransomware gangs, such as the well-known Doppelpaymer group, harassing their victims.
FBI Is Aware of Cold-Calling Tactics by Ransomware Gangs:
According to a PIN (private industry notification) alert, a type of notice regularly sent to U.S. companies to inform them about the latest updates in the cybersecurity sphere, and shared by ZDNet, the FBI has been aware since February 2020 of incidents in which Doppelpaymer cold-called companies to intimidate victims into paying a crypto ransom.
The intimidation, which has escalated to rude language, includes threats to send individuals to the victims’ homes if they don’t pay the ransom demanded in the gang’s ransomware attack.
The FBI describes Doppelpaymer as a group of threat actors that often demands six- to seven-figure ransoms in bitcoin during its attacks. If victims don’t pay, the group starts to exfiltrate part of the stolen data and makes “follow-on telephone calls to victims to further pressure them to make ransom payments.”
ZDNet said that a similar tactic was used by other now-defunct ransomware groups, such as Sekhmet and Maze.
The group usually targets the healthcare, emergency, and education sectors across the globe, and it has been heavily active since June 2019, said the Bureau.
The alert recounts one incident in which Doppelpaymer used cold-calling to harass victims:
In one case, an actor, using a spoofed US-based telephone number while claiming to be located in North Korea, threatened to leak or sell data from an identified business if the business did not pay the ransom. During subsequent telephone calls to the same business, the actor threatened to send an individual to the home of an employee and provided the employee’s home address. The actor also called several of the employee’s relatives.