CyberSecurity news
FlagThis
Pierluigi Paganini@Security Affairs
//
The FBI has issued a warning to U.S. law firms regarding an escalating cyber threat posed by the Silent Ransom Group (SRG), also known as Luna Moth or Chatty Spider. This group, active since 2022, has refined its tactics to target law firms specifically since early 2023, likely due to the valuable and confidential client data they possess. The group aims to gain unauthorized access to systems and devices in order to steal sensitive information and extort victims with threats of public data leaks.
SRG's methods include IT-themed social engineering calls and callback phishing emails. In these attacks, they impersonate IT personnel to deceive employees into granting remote access to systems. They may direct the employee to a malicious website or send a link via email that installs remote access software. Once inside, the attackers discreetly extract sensitive files using tools like WinSCP or disguised versions of Rclone. This campaign is particularly dangerous because it leaves minimal digital traces and can bypass traditional security measures.
To defend against these attacks, the FBI urges law firms to enhance staff training to recognize and avoid social engineering tactics. Implementing multi-factor authentication is crucial, as is proactive monitoring for unauthorized access attempts. The agency also advises that victims share any ransom evidence with law enforcement to aid in investigations. Furthermore, CISOs are encouraged to fortify help desk and employee defenses, enhance intrusion detection and tracking capabilities, and recognize that paying ransoms is not a viable strategy.
ImgSrc: securityaffairs
References :
SRG's methods include IT-themed social engineering calls and callback phishing emails. In these attacks, they impersonate IT personnel to deceive employees into granting remote access to systems. They may direct the employee to a malicious website or send a link via email that installs remote access software. Once inside, the attackers discreetly extract sensitive files using tools like WinSCP or disguised versions of Rclone. This campaign is particularly dangerous because it leaves minimal digital traces and can bypass traditional security measures.
To defend against these attacks, the FBI urges law firms to enhance staff training to recognize and avoid social engineering tactics. Implementing multi-factor authentication is crucial, as is proactive monitoring for unauthorized access attempts. The agency also advises that victims share any ransom evidence with law enforcement to aid in investigations. Furthermore, CISOs are encouraged to fortify help desk and employee defenses, enhance intrusion detection and tracking capabilities, and recognize that paying ransoms is not a viable strategy.
ImgSrc: securityaffairs
Share:
References :
- DataBreaches.Net: DataBreaches.net issues a Private Industry Notification about the Silent Ransom Group targeting law firms.
- securityaffairs.com: SecurityAffairs reports on Silent Ransom Group targeting law firms, the FBI warns.
- The DefendOps Diaries: The DefendOps Diaries explores the Silent Ransom Group's new era of cyber extortion.
- bsky.app: The FBI warned that an extortion gang known as the Silent Ransom Group has been targeting U.S. law firms over the last two years in callback phishing and social engineering attacks.
- BleepingComputer: FBI warns of Luna Moth extortion attacks targeting law firms
- ciso2ciso.com: Silent Ransom Group targeting law firms, the FBI warns – Source: securityaffairs.com
- hackread.com: FBI Warns of Silent Ransom Group Targeting Law Firms via Scam Calls
- databreaches.net: Private Industry Notification: Silent Ransom Group Targeting Law Firms
- Security Affairs: The FBI warns that the Silent Ransom Group, active since 2022 and also known as Luna Moth, has targeted U.S. law firms using phishing and social engineering. Linked to BazarCall campaigns, the group previously […]
- ciso2ciso.com: FBI Warns of Silent Ransom Group Targeting Law Firms via Scam Calls – Source:hackread.com
- malware.news: Private Industry Notification: Silent Ransom Group Targeting Law Firms
- ciso2ciso.com: FBI warns law firms: Silent Ransom Group uses phishing emails and fake IT calls to steal data, demanding ransom to prevent public leaks.
- gbhackers.com: FBI Issues on Silent Ransom Group Using Fake IT Support Calls to Target Victims
- malware.news: FBI Issues on Silent Ransom Group Using Fake IT Support Calls to Target Victims
- The Hacker News: The campaign leverages "information technology (IT) themed social engineering calls, and callback phishing emails, to gain remote access to systems or devices and steal sensitive data to extort the victims
- gbhackers.com: The Federal Bureau of Investigation (FBI) has issued a critical alert regarding the escalating activities of the cyber threat actor known as Silent Ransom Group (SRG), also identified under aliases such as Luna Moth, Chatty Spider, and UNC3753.
- Tech Monitor: The FBI alerts law firms to rising threat of Silent Ransom Group’s extortion tactics
- thecyberexpress.com: FBI Warns about Silent Ransom Group Targeting Law Firms
- eSecurity Planet: The FBI warns law firms of a stealth phishing scam where hackers call victims, pose as IT staff, and use remote access tools to steal sensitive data.
- www.scworld.com: US law firms facing Luna Moth ransomware threat
- cyble.com: FBI Warns Silent Ransom Group Targeting U.S. Law Firms Using Social Engineering and Callback Phishing
- www.esecurityplanet.com: FBI Warns Law Firms: Hackers Are Calling Offices in Stealth Phishing Scam
- cyble.com: FBI Warns Silent Ransom Group Targeting U.S. Law Firms Using Social Engineering and Callback Phishing
- www.techradar.com: FBI warns legal firms of Luna Moth extortion attacks where hackers will call their office
Classification:
- HashTags: #PhishingScam #LawFirmSecurity #SilentRansom
- Company: FBI
- Target: Law Firms
- Attacker: Luna Moth
- Feature: stealth phishing
- Type: Hack
- Severity: Major