When hackers called the company they claimed their organization had breached, they felt the same frustration most of us feel when calling the front desk.
The phone call between a hacker claiming to be a representative of ransomware gang DragonForce and a victim company employee was posted on a dark website by the ransomware gang in an attempt to pressure the company to pay the ransom demand. In reality, this call recording merely shows a rather hilarious and failed attempt to blackmail and intimidate rank-and-file employees of a company.
The recording also shows that ransomware gangs are always looking for different ways to blackmail the companies they hack.
“It is becoming increasingly common for threat actors to contact us by phone, and this needs to be factored into an organization's response plan. To engage or not to engage? Who should engage? You don't want to make these decisions while you're listening,” said Brett Callow, Threat Analyst at Emsisoft.
During the call, the hacker asked to speak to “management.” Instead, two other employees put him on hold until Beth from Human Resources answered the phone.
“Hello Beth, how are you doing?” said the hacker.
After a minute of the two having trouble hearing each other, Beth tells the hacker that she doesn't know much about the data breach he claimed. When the hacker tries to explain what is going on, Beth interrupts him and asks, “Then why are you attacking us?”
“Is there a reason why you chose our company?'' Beth insists.
“No need to bother me, okay? I'm just trying to help you,” the hacker replied, growing increasingly irritated.
The hacker then explains to Beth that she has only eight hours to negotiate with the company she works for before the ransomware gang releases the company's stolen data.
“It will be released for public access and used by criminals to commit fraud and terrorism,” the hacker said.
“Oh, okay,” Beth said, clearly confused and not understanding where the data was going.
“So it's going to be broadcast on X?” Beth asks. “So, is that Dragonforce.com?”
The hacker then threatened Beth and said he would begin calling the company's customers, employees, and partners. The hacker added that he had already contacted the media and provided a recording of a previous call with one of her colleagues. It is also posted on the gang's dark website.
“So that includes talking to Patricia? Because that's illegal in Ohio,” Beth says.
“Excuse me?” the hacker responds.
“You can't do that in Ohio. Did you record Patricia?” Beth continues.
“Ma'am, I'm a hacker. I don't care about the law,” the hacker replied, even more irritated.
The hacker then tries once again to convince Beth to negotiate, but to no avail.
“I would never negotiate with terrorists or hackers like you call yourself,” Beth replied, asking to see the hacker's phone number to call back.
When the hacker says, “I don't have your phone number,” Beth has had enough.
“Okay, then let's end this call,” she said. “I think we've put enough time and energy into this.”
“Well, good luck,” Beth says.
“Thank you and take care,” says the hacker.
The companies that were allegedly hacked in the incident, which TechCrunch is not naming to avoid contributing to the hackers' extortion efforts, did not respond to requests for comment.
Read more on TechCrunch: