May 23, 2025 By Sergiu Gatlan
The FBI warned that an extortion gang known as the Silent Ransom Group has been targeting U.S. law firms over the last two years in callback phishing and social engineering attacks.
Also known as Luna Moth, Chatty Spider, and UNC3753, this threat group has been active since 2022 and was also behind BazarCall campaigns that provided initial access to corporate networks for Ryuk and Conti ransomware attacks.
In March 2022, following Conti's shutdown, the threat actors separated from the cybercrime syndicate and formed their own operation called Silent Ransom Group (SRG).
In recent attacks, SRG impersonates the targets' IT support in email, fake sites, and phone calls using social engineering tactics to gain access to the targets' networks.
This extortion group doesn't encrypt the victims' systems and is known for demanding ransoms not to leak sensitive information stolen from compromised devices online.
"SRG will then direct the employee to join a remote access session, either through an email sent to them, or navigating to a web page. Once the employee grants access to their device, they are told that work needs to be done overnight," the FBI said in a private industry notification on Friday.
