Silent Ransom Group uses phishing and phone-based IT support scams to trick employees into granting access to work systems through legitimate remote access tools. The group primarily targets US law firms, but it also targets financial, healthcare, and insurance organizations because these sectors hold highly sensitive information. The group is tracked under aliases including Luna Moth, Chatty Spider, and UNC3753. When remote access attempts fail, actors may physically impersonate IT personnel at the victim’s workplace. They may gain access and insert a storage device to obtain data, making the threat harder to contain using email filters and endpoint tools alone.
"The FBI has warned that Silent Ransom Group, a cybercrime group known for phishing and phone-based IT support scams, has expanded its tactics to include physical impersonation. According to the bureau, the group may send an actor to a victim's workplace to gain access and insert a storage device when remote access attempts fail."
"That shift makes the threat harder to contain with email filters and endpoint tools alone. For organizations handling legal, financial, healthcare, or insurance data, the risk now extends from the inbox to the front desk."
"Also tracked under the aliases Luna Moth, Chatty Spider, and UNC3753, the group's mode of operation (MO) involves posing as IT support teams via email or phone calls to trick its victims into granting it access to work systems "through legitimate remote access tools.""
""While on the phone, the SRG actor directs the employee to grant access to a remote desktop session. If that attempt fails, SRG""
Read at TechRepublic
Unable to calculate read time
Collection
[
|
...
]