1. Forum
  2. FidoNet
  3. CONSPRCY

  • FBI warns legal firms of

    From Mike Powell@1:2320/105 to All on Wed May 28 08:23:00 2025
    FBI warns legal firms of Luna Moth extortion attacks where hackers will call their office

    Date:
    Tue, 27 May 2025 13:34:00 +0000

    Description:
    Hackers are stealing files and then threatening to release them unless a payment is made.

    FULL STORY

    Law firms in the US should be on the lookout for highly sophisticated
    phishing attacks coming from the Silent Ransom Group, the FBI is warning.

    In a recent Private Industry Notification , the FBI said the group, which
    also targets other industries, has increased its focus on US law firms - and that it has also shifted its tactics slightly as well.

    The FBI says over the last couple of months, the group started impersonating employees of the target law firm, posing as a member of the IT department to send an email asking the victim to join a remote access session, stating the work they needed to do was to be conducted overnight.

    Chatty Spider

    Once in the victims device, a typical SRG attack involves minimal privilege escalation and quickly pivots to data exfiltration conducted through WinSCP (Windows Secure Copy) or a hidden or renamed version of Rclone, the FBI explained.

    Although this tactic has only been observed recently, it has been highly effective and resulted in multiple compromises.

    Once the group exfiltrates sensitive data from the target system, they will leave a ransom message, threatening to sell or leak the data online, unless a payment is made. To put the victims under even more pressure, the threat
    actors will call them on the phone, as well.

    Silent Ransom Group is also known as Luna Moth, Chatty Spider, or UNC3753.
    Its been active since 2022, but pivoted more towards US law firms in spring 2023. According to BleepingComputer , the group was behind the BazarCall campaigns that gave Ryuk and Conti ransomware operators initial access to
    some of their victims. The group was formed after Conti disbanded in March 2022.

    To defend against phishing, the FBI advises companies to use strong
    passwords, 2FA, and solid backup solutions.

    Via BleepingComputer

    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/fbi-warns-legal-firms-of-luna-moth-exto rtion-attacks-where-hackers-will-call-their-office

    $$
    --- SBBSecho 3.20-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)