Silent Ransom Group Exploits IT Impersonation to Breach U.S. Law Firms
The Silent Ransom Group (SRG), also known as Luna Moth, Chatty Spider, and UNC3753, has been targeting U.S.-based law firms using sophisticated social engineering tactics. According to a recent FBI Flash Alert, SRG has evolved from traditional phishing methods to impersonating IT staff in phone calls and face-to-face interactions to infiltrate corporate systems. This tactic, known as callback phishing or telephone-oriented attack delivery (TOAD), involves sending phishing emails that prompt victims to call the threat actor, who then sends a link to download remote access software. If remote access fails, SRG sends a threat actor to the victim's physical location to gain access and insert a storage device into the victim's computer. Once access is gained, SRG quickly pivots to data exfiltration using tools like Windows Secure Copy (WinSCP) or Rclone, and exfiltrates data to platforms such as Google Drive or Microsoft OneDrive. The FBI warns that traditional antivirus products may not flag these intrusions as SRG us...
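As an added example (not taken from the FBI alert or from this page), the Python below hunts process-creation records for the two exfiltration tools named above, WinSCP and Rclone, and matches Rclone by argument shape as well as by file name so a renamed binary is still caught. The pipe-delimited record format, host names, file paths, remote names (`gdrive`, `onedrive`) and function names are all constructed for illustration.

```python
import re

# Constructed sample process-creation records: host | image path | command line.
SAMPLE_EVENTS = r"""
WS-LEGAL-07|C:\Users\jdoe\Downloads\rclone.exe|rclone.exe copy C:\Matters gdrive:backup --transfers 16
WS-LEGAL-07|C:\Users\jdoe\AppData\Local\Temp\svchelper.exe|svchelper.exe sync D:\Clients onedrive:archive
WS-LEGAL-12|C:\Program Files (x86)\WinSCP\WinSCP.com|WinSCP.com /script=C:\Temp\up.txt
WS-LEGAL-03|C:\Windows\System32\robocopy.exe|robocopy.exe C:\Matters \\fs01\backup /MIR
""".strip()

# Rclone transfers look like "<verb> <source> <remote>:<path>". Requiring a remote
# name of 2+ characters keeps Windows drive letters ("C:\...") from matching.
RCLONE_CMD = re.compile(
    r"\s(?:copy|copyto|sync|move|moveto)\s+.*\s[A-Za-z0-9_-]{2,}:\S*", re.I)
# WinSCP run non-interactively is driven by /script= or /command.
WINSCP_CMD = re.compile(r"\s/(?:script=|command\b)", re.I)

def classify(image, cmdline):
    """Return (tool, reason) for a record worth reviewing, or None."""
    name = image.rsplit("\\", 1)[-1].lower()
    if name in ("winscp.exe", "winscp.com"):
        scripted = bool(WINSCP_CMD.search(cmdline))
        return ("winscp", "scripted transfer" if scripted else "interactive launch")
    shaped = bool(RCLONE_CMD.search(cmdline))
    if name == "rclone.exe":
        return ("rclone", "transfer to remote" if shaped else "binary present")
    if shaped:
        # File name says nothing, but the arguments follow rclone's syntax.
        return ("rclone", "renamed binary, rclone-style arguments")
    return None

def hunt(log_text):
    """Scan pipe-delimited records and return (host, tool, reason) hits."""
    hits = []
    for line in log_text.splitlines():
        host, image, cmdline = line.split("|", 2)
        verdict = classify(image, cmdline)
        if verdict:
            hits.append((host, *verdict))
    return hits

if __name__ == "__main__":
    for hit in hunt(SAMPLE_EVENTS):
        print(hit)
```

Both tools have legitimate uses, so hits are leads to compare against the firm's approved software inventory rather than verdicts.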