Silent Ransom Group targeting law firms

The cyber threat actor Silent Ransom Group (SRG), also known as Luna Moth, Chatty Spider, and UNC3753, is targeting law firms using information technology (IT) themed social engineering calls, and callback phishing emails, to gain remote access to systems or devices and steal sensitive data to extort the victims, IC3 warns.

While SRG has historically victimized companies in many sectors including companies in the medical industry and insurance industry, the group has consistently targeted U.S.-based law firms, likely due to the highly sensitive nature of legal industry data. 

SRG has been operating since 2022 and has primarily been known for their callback phishing emails, masquerading as well-known businesses who offer subscription plans. As of March, SRG was observed changing their tactics to calling individuals and posing as an employee from their company’s IT department. SRG will then direct the employee to join a remote access session, either through an email sent to them, or navigating to a web page. Once the employee grants access to their device, they are told that work needs to be done overnight.

Read more at IC3