When we think of hacking, we might imagine someone living in a different city, state, or country, accessing our devices remotely. That’s why security methods like 2FA and security keys are generally touted to be more secure, because as long as they cannot access our devices physically, we’re “safer.” But maybe it’s time to rethink that. Both Google and the FBI have recently issued a warning of fake IT workers using ransomware as an excuse to hack their victims in person.
Ransomware attackers are sending fake IT workers to hack victims in person
Google’s cybersecurity teams Mandiant and Google Threat Intelligence Group are warning that a group called the Silent Ransom Group was attempting to steal information using in-person access. These attacks took place from January 2026 through May 2026, with dozens of victims targeted.
The FBI has also issued a similar warning that the ransomware group were sending fake IT workers to the offices of their targets. According to an FBI spokesperson, they told TechCrunch, “We can confirm we have seen multiple instances of individuals impersonating IT support who have gained or attempted to gain physical in-person access to victim companies’ offices and/or devices as part of Silent Ransom Group’s scheme to exfiltrate data.”
How does this work?
Ransomware attacks work by convincing the target to download malware. When the malware is installed and run, it encrypts all the data on the device. The victim then has to pay a ransom to the attackers to obtain the decryption key to get their data back.
According to Google, the hackers wrote to one victim, “In case of ignorance or no agreement, We will notify your employees, partners and customers, after which We will publish your data.”
However, in this case, the gang has its own leak site. They then threaten their targets by saying they’ll publish the stolen data if they don’t pay. In some instances, they pretend to be the company’s IT support to trick their targets into granting access to computers. Or like we said earlier, they even go to more extreme measures by sending fake IT workers. These fake workers then connect USB drives or install remote access tools that allow the hackers to steal the data.
What a scary world we live in, where now hackers are resorting to offline methods to pull off the same attack.
The post Hackers Are Sending Fake IT Workers to Your Office to Steal Your Data, Google and the FBI Warns appeared first on Android Headlines.
