The following information is being provided by the FBI, with no guarantees or warranties, for potential use at the sole discretion of recipients to protect against cyber threats. This data is provided to help cyber security professionals and system administrators guard against the persistent malicious actions of cyber actors. This PIN was coordinated with DHS/CISA. PIN Number 20250523-001
Summary
The cyber threat actor Silent Ransom Group (SRG), also known as Luna Moth, Chatty Spider, and UNC3753, is targeting law firms using information technology (IT) themed social engineering calls, and callback phishing emails, to gain remote access to systems or devices and steal sensitive data to extort the victims. While SRG has historically victimized companies in many sectors, starting Spring 2023, the group has consistently targeted US-based law firms, likely due to the highly sensitive nature of legal industry data.
*SRG targets other sectors as well, to include companies in the medical industry and insurance industry. However, most of SRG’s victims are law firms or companies with similar naming conventions.
Read the full industry notification with indicators and recommendations for law firms on the government’s ic3 site.