Ransomware

Ransomware Gang Uses Phone Calls to Hijack Company IT Systems Across US Industries

UNC3944 ransomware group targets US companies using phone scams to hijack IT systems. Google exposes their tactics, urging new cybersecurity strategies.

By Content Team

Jul 29, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Google researchers exposed UNC3944, a ransomware group targeting US retail, airline, and insurance companies through sophisticated phone scams. The hackers call IT help desks pretending to be employees, trick staff into resetting passwords, then use stolen credentials to access virtual server systems and deploy ransomware within hours.

Unlike typical cyberattacks, they don't use malware but manipulate legitimate administrative tools, making detection extremely difficult. The group's activity declined after 2024 law enforcement actions. But other ransomware groups are now copying these tactics, making this a growing threat requiring immediate defensive action.

Source: Industrial Cyber

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Malicious NPM Package 'Lotusbail' Steals WhatsApp Data from 56,000 Users

Dec 23, 2025

AI-Powered 'Truman Show' Scam Creates Fake Investment Reality for Victims

Jan 9, 2026

TriZetto Provider Solutions Breach Hits 3.4 Million Patients

Mar 11, 2026

Signal Warns Users After Russian Hackers Target Officials Through Phishing Scams

Mar 11, 2026