The new trend was observed from August to September this year, and was applied by the Sekhmet, Maze, Conti and Ryuk groups.
In an effort to pressure victims, some ransomware groups now make phone calls if a compromised company tries to restore data from backups and evade the ransom payment.
As information security specialists told the ZDNet edition, this trend was observed from August to September this year. Groups that have resorted to such methods have included Sekhmet, Maze, Conti, and Ryuk.
Experts believe that the same group of outsourced call centers is working for all the operators of the ransomware, since the patterns and scenarios of conversations are the same in all cases.
According to the recorded call, made on behalf of the ransomware group Maze and transmitted to ZDNet, the callers had a strong accent. This suggests that they are not native English speakers.
“We are aware of a third party IT company running on your network. We continue to monitor and know that you are installing SentinelOne antivirus software on all of your computers. But you should know that it won’t help. If you want to stop wasting your time and recover your data this week, we recommend that you discuss this situation with us in the chat, otherwise the problems with your network will never end, ”said one of the calls.