The FBI warns that the Silent Ransom Group (SRG) primarily targets US law firms but has also attacked medical and insurance organizations. SRG has shifted tactics from phishing emails to impersonation calls, using remote access to exfiltrate data and demand ransom with threats of leaking sensitive information. #SilentRansomGroup #FBIAlert
Keypoints
- SRG has been active since 2022, known for extorting organizations through data theft and threats of leaking information.
- The group initially used callback phishing emails, then shifted to phone call impersonations of IT staff.
- SRG gains access via remote access tools like WinSCP and Rclone, often unnoticed by traditional antivirus software.
- Victims receive ransom demands via email or calls, with threats to release confidential data online.
- Organizations are advised to train employees on phishing, implement multi-factor authentication, and regularly back up data.
Read More: https://www.securityweek.com/law-firms-warned-of-silent-ransom-group-attacks/