- FBI is warning US law firms of ongoing attacks
- The miscreants tricked to provide access to employees
- They give up sensitive data and then threaten to release it
Law firms in the US should be in search of highly sophisticated fishing attacks coming from the silent ransom group, giving the FBI warning.
recently Private industry notificationThe FBI stated that the group, which also targets other industries, has focused its focus on the US law firms – and has also shifted its strategy slightly.
The FBI says that in the last few months, the group started implementing the Target Law firm employees, asked the victim to attend the remote access session to send an email as a member of the IT department, stating that the work they had to do was to be held overnight.
Splice spider
“Once the victim’s device, a specific SRG attack contains minimum privilege increase in a specific SRG attack and quickly for data exfIs for data exfIs made through” WINDSCP “(WindScP” (Winds SECP “or a hidden or nominal version of ‘RCLONE’,” FBI explained.
“Although this strategy has been seen only recently, it has been highly effective and has resulted in many agreements.”
Once the group exfers sensitive data from the target system, they will give up a ransom message, until the payment is made, the data will be threatened to sell or leaks online. To keep the victims under even more pressure, the danger actors will also call them on the phone.
Silent Ranesam Group is also known as Luna Moth, Chat Spider or UnC3753. It has been active since 2022, but in spring 2023 was more pivoted towards US law firms. BlappingCopperThe group was behind the bazarcall expeditions, which gave Ryuk and Conti Ransomware operators a initial access to some of their victims. The group was formed in March 2022 after the dissolution of the Conti.
To defend against fishing, FBI recommends using strong passwords, 2FA and solid backup solutions.
Through BlappingCopper
