Google and FBI warn of ransomware group using fake IT workers for physical office breaches
Original: Google and FBI warn of ransomware group that sends fake IT workers to hack victims in person
Why This Matters
Physical infiltration represents significant escalation in cybercrime tactics beyond digital attacks
Google and FBI report Silent Ransom Group targeting law firms by sending fake IT workers to offices who steal data using USB drives and remote access. Group has attacked dozens of victims from January-May 2026, escalating from traditional phishing.
Google's Mandiant and Threat Intelligence Group, along with the FBI, revealed that Silent Ransom Group has escalated attacks by sending imposters posing as IT support to victims' offices. These fake workers connect to computers and steal contracts, Social Security numbers, and financial records using USB drives or remote access tools. The group targeted dozens of law firms from January through May 2026. FBI confirmed multiple instances of individuals impersonating IT support gaining physical access to offices. The group operates a leak site threatening to publish stolen data if victims don't pay, following modern extortion tactics without encrypting data. They also use traditional phishing emails and social engineering, pretending to be company IT support to trick victims into granting computer access.