Beware the Silent Threat: How Law Firms Are Being Targeted by Cybercriminals

A new alert from the FBI warns of a sophisticated cybercrime group known as Silent Ransom Group (SRG), also referred to as Luna Moth or Chatty Spider, that has been aggressively and consistently targeting U.S. law firms since early 2023. These bad actors are exploiting human vulnerability through convincing social engineering tactics, such as fake IT support calls and phishing emails, to gain remote access to company systems. Once inside, they steal sensitive data and hold it ransom, threatening public exposure unless payment is made.

What makes SRG especially dangerous is their evolving methods. Initially known for phishing emails disguised as fake subscription renewals, these cybercriminals now often pose as internal IT staff and call employees directly. Victims are tricked into granting remote access, often under the guise of after-hours maintenance. Once in, the attackers use tools like WinSCP or Rclone to quietly extract valuable company data, bypassing traditional antivirus detection by using legitimate software in malicious ways.

Businesses of all sizes - not just law firms - should consider this a serious warning. SRG has also been known to target organizations in healthcare, insurance, and beyond. Because these attacks leave few technical traces, prevention through staff awareness and strong security protocols is essential. Ensure your team is trained to spot phishing attempts, verify internal IT communications, and never download or run unknown software without confirmation.

Our recommendation: now is the time to audit your remote access policies, enforce multi-factor authentication, and conduct a refresher course for employees on phishing awareness. At Wright Technology Group, we help our clients stay ahead of evolving threats like SRG. If you need help reviewing your security posture or training your team, contact us. We’re here to help protect what matters most.