All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

Cybercrime gang uses fake help desk calls and in-person visits with USB drives to steal data from US companies

By

Jessica Lyons

4d ago· 6 min readenNews
Bagel score 100 of 100
100/100
Golden Brown
Bagelometer

Crisp on the outside, thoughtful on the inside. A keeper.

Score100TypenewsSentimentnegative

Summary

A cybercrime gang tracked by Google's Mandiant incident response team has targeted dozens of US banks, law firms, and professional services companies between January and May. The group uses social engineering tactics, including fake help desk calls, to gain remote access to corporate IT systems. When remote deception fails, the criminals escalate by physically showing up at victims' offices, posing as IT technicians, and attempting to steal sensitive files using USB thumb drives.

Key quotes

· 3 pulled
If they don't get you online, they'll try in person.
A data-theft and extortion gang has targeted 'dozens' of banks, law firms, and other professional services companies in the US from January through May, using fake help desk calls and other social-engineering techniques to gain access to corporate IT environments.
When those remote-deception methods don't work, the criminals sometimes show up at victims' physical offices, posing as IT technicians, and attempt to steal sensitive files using thumb drives.
Snippet from the RSS feed
When 'Chatty Spider' morphs into tech services cosplay spider

You might also wanna read

Hackers Pose as Police to Trick Tech Companies Into Sharing Private Data

Hackers are successfully obtaining sensitive personal data from major tech companies by posing as law enforcement officers. Using spoofed em

wired.com·6mo ago

Google Confirms Data Breach in Salesforce CRM Theft Campaign by ShinyHunters

Google has become the latest victim of a data breach in a series of Salesforce CRM data theft attacks orchestrated by the ShinyHunters extor

bleepingcomputer.com·10mo ago

Hacking Group Threatens Google with Data Leak Unless Employees Are Fired

A hacking group has issued an ultimatum to Google, threatening to leak company databases unless Google fires two specific employees and susp

newsweek.com·9mo ago

Investigating the Identity Behind the Ransomware Group 'The Gentlemen'

A cybercrime group called The Gentlemen has become the second most active ransomware gang by victim count, using an aggressive recruitment s

krebsonsecurity.com·1d ago

Checkout.com Responds to Cyber Extortion Attempt Targeting Legacy System

Checkout.com experienced a cyber extortion attempt by the criminal group 'ShinyHunters' who gained unauthorized access to a legacy third-par

checkout.com·7mo ago

China-Based Phishing Groups Shift to Fake E-commerce Sites and Tax Refund Scams

China-based phishing groups are shifting tactics from traditional SMS scams about packages and toll fees to new offerings targeting holiday

krebsonsecurity.com·6mo ago