​ Ransomware Gang Sends Thieves In Person
  • Home
    • News
    • Entertainment
    • The Baller Alert Show
    • Baller Alert Lists
    • Baller Alert Exclusives
    • Ballerific Music
    • That’s Baller
    • Fashion
    • Metaverse
    • Tech
    • Lifestyle
    • Sports
    • Op-Ed
    • Travel
    • Health
  • EVENTS
  • Videos
  • Shop
  • ChatBot
  • About
  • Political News
  • en español
No Result
View All Result
  • Home
    • News
    • Entertainment
    • The Baller Alert Show
    • Baller Alert Lists
    • Baller Alert Exclusives
    • Ballerific Music
    • That’s Baller
    • Fashion
    • Metaverse
    • Tech
    • Lifestyle
    • Sports
    • Op-Ed
    • Travel
    • Health
  • EVENTS
  • Videos
  • Shop
  • ChatBot
  • About
  • Political News
  • en español
No Result
View All Result
Baller Alert
No Result
View All Result

This Ransomware Gang Doesn’t Need Your Password — It Sends Someone To Steal Your Data In Person

Grace L. by Grace L.
June 5, 2026
in Tech
Reading Time: 3 mins read
This Ransomware Gang Doesn't Need Your Password — It Sends Someone To Steal Your Data In Person

This Ransomware Gang Doesn't Need Your Password — It Sends Someone To Steal Your Data In Person

The password is no longer the weakest link; your front desk is. A ransomware gang has escalated its attacks on law firms by sending fake IT workers in person to victims’ offices, where imposters steal data directly from computers using USB drives or help other gang members connect remotely, according to new warnings from Google and the FBI.

The group, known as Silent Ransom Group, was the subject of a joint report published Friday by Google’s cybersecurity teams Mandiant and Google Threat Intelligence Group. The report documented attacks from January through May of this year targeting “dozens” of victims — with some cases involving fake IT personnel physically entering office buildings and sitting down at employee workstations.

Mandiant has investigated various matters where adversaries planted insiders, bribed employees, or physically entered buildings to facilitate cyberattacks,” said Charles Carmakal, Mandiant’s chief technology officer, adding that he has seen variations of this tactic used in other cases over the years.

The FBI confirmed it is not an isolated incident.

“We can confirm we have seen multiple instances of individuals impersonating IT support who have gained or attempted to gain physical in-person access to victim companies’ offices and/or devices as part of Silent Ransom Group’s scheme to exfiltrate data,” an FBI spokesperson told TechCrunch.

Once inside, the fake IT workers connect to employee computers and use USB drives or remote access tools to walk out with contracts, personal information, including Social Security numbers, and financial and tax records. The theft is only the beginning.

The gang then contacts victims directly with a blunt extortion threat.

In case of ignorance or no agreement, We will notify your employees, partners, and customers, after which we will publish your data,” the hackers wrote to one victim, according to Google. The group maintains its own leak site where stolen data is published if victims refuse to pay — a modern extortion model that never bothers encrypting files the way traditional ransomware does.

The physical visit doesn’t happen cold. It follows a carefully layered social engineering operation designed to lower every defense before anyone shows up in person. Attackers send phishing emails, make follow-up phone calls, and impersonate the target company’s own IT support staff to build familiarity and trust.

“The callers use a variety of verbal instructions to guide target behavior. Under the guise of addressing a security issue or aiding with a corporate data migration project, they build trust and direct the target to join a screen-sharing session,” Google’s researchers wrote. Victims are then convinced to download screen-sharing applications, or attackers exploit existing features inside Zoom or Microsoft Teams to bypass security controls entirely. The in-person visit, in some cases, is simply the closing move.

While hackers most of the time steal data remotely via malware or phishing attacks, what Silent Ransom Group is now doing represents something researchers are calling a novel and significant escalation, a deliberate merging of traditional cyberattack techniques with old-fashioned physical intrusion. Most organizations have spent years hardening their digital perimeters. Few have trained their reception staff to turn away a confident man in a polo shirt carrying a laptop bag.

For the dozens of law firms already hit this year, the lesson is a hard one: the most dangerous moment in a cyberattack may no longer be the click on a bad link. It may be the moment someone holds the elevator door open for a stranger.

Short Link: https://balleralert.com/u01b
Previous Post

That’s Baller: Taylor Swift Just Hit $2 Billion And Every Single Dollar Came From Music

Next Post

Starbucks Is Bringing Back The Unicorn Frappuccino, But Only The Fastest Fans Will Get One

Grace L.

Grace L.

Hazel L., known as thinktank, is a breaking news and trends writer for Baller Alert, delivering fast, accurate updates on the stories shaping culture and current events.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Download Baller Alert App

Chat with Baller Alert Bot
No Result
View All Result
  • Home
    • News
    • Entertainment
    • The Baller Alert Show
    • Baller Alert Lists
    • Baller Alert Exclusives
    • Ballerific Music
    • That’s Baller
    • Fashion
    • Metaverse
    • Tech
    • Lifestyle
    • Sports
    • Op-Ed
    • Travel
    • Health
  • EVENTS
  • Videos
  • Shop
  • ChatBot
  • About
  • Political News
  • en español