Silent Ransom Group (SRG) is using impersonation of IT support to target law firms, tricking employees into granting remote access or allowing in-person device insertion. The group then quickly steals data, avoids deploying ransomware, and extorts victims by threatening to leak the stolen information online. #SilentRansomGroup #SRG #WinSCP #Rclone #FBI
Keypoints
- SRG is targeting law firms with fake IT support tactics.
- The group uses phishing emails and direct calls to gain access.
- If remote access fails, attackers may visit in person and insert a device.
- SRG steals data quickly using tools like WinSCP and Rclone.
- The FBI advises strong verification, phishing-resistant MFA, and access controls.