FBI Warns US-Based Law Firms to Be on the Lookout for Cybercrime Group that Steals Data in Person
The gang uses impersonation, phishing and physical intrusions to steal files and extort victims, and the FBI says it has targeted law firms since 2023.
- On Tuesday, the FBI warned that Silent Ransom Group is targeting U.S.-based law firms through in-person data theft attacks, combining phishing emails with physical visits to insert storage devices into victim computers. The group has claimed more than 100 attacks with activity surging in recent months.
- Emerging in March 2022 after Conti disbanded, SRG began targeting law firms in early 2023 due to the sector's highly sensitive data. The FBI warned last year that callback phishing specialists had started physically walking into law firm offices when remote social engineering attempts failed.
- Halcyon tracked 134 ransomware incidents against law firms during the first quarter of this year, making law firms the fourth-most targeted industry at more than 6% of all tracked ransomware attacks, with SRG largely responsible. The group's in-person visits for data theft are extraordinary with no known parallels across the cybercrime ecosystem.
- Major law firm Jones Day confirmed a cyber phishing incident in April after appearing on SRG's data leak site; the FBI recommends disallowing external drive connections to company devices, limiting sensitive data access, and requiring phishing-resistant MFA.
- Researchers speculate SRG relies on freelance taskers based in Russia who may not know they are committing crimes, while workplace norms requiring implicit trust make employees vulnerable to the tactic. Joe Slowik, director of cybersecurity alerting strategy at Dataminr, noted that questioning everyone introduces friction and limits productivity.
16 Articles
16 Articles
FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person
Silent Ransom Group, a long-running data extortion operation, continues to hit U.S.-based law firms by impersonating IT support and, in some cases, visiting victims in person to gain physical access to computers, the FBI said in an alert Tuesday. The closed group, which likely operates from Russia and emerged in 2022 after Conti disbanded, has claimed responsibility for more than 100 attacks with activity surging during the past few months, acco…
Extortion crews are visiting law firms pretending to be tech support, FBI warns
The FBI is warning unsuspecting lawyers that their firms continue to be an active target for members of a longstanding extortion crew. Silent Ransom Group has been operating since 2022, by the FBI’s reckoning, and its latest message [PDF] about the gang comes almost exactly a year after its last. The group is still targeting US law firms and their staff, and the criminals are pretending to be company IT staff. It also warned last year that the c…
Silent Ransom Group Targets Law Firms With IT Impersonation Attacks
Silent Ransom Group is escalating attacks on U.S. law firms by posing as IT staff through phishing emails, phone calls, and in-person visits. The group, also tracked as Luna Moth, Chatty Spider, and UNC3753, is focusing on data theft and extortion rather than traditional ransomware encryption, making its activity more difficult for organizations to detect early. “This is a pretty natural evolution of extortion operations,” said Gabrielle Hempel…
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
