Mandiant reports that UNC3753, also known as Luna Moth, Chatty Spider, and Silent Ransom Group, carried out a fast-moving data theft extortion campaign against U.S. professional, legal, and financial services organizations. The group used vishing, IT helpdesk impersonation, RMM tools, and even possible physical office intrusions to steal sensitive data and pressure victims through LEAKEDDATA-based extortion. #UNC3753 #LunaMoth #ChattySpider #SilentRansomGroup #LEAKEDDATA
Keypoints
- UNC3753 targeted U.S. legal, professional, and financial services organizations.
- The group used vishing and IT helpdesk impersonation for initial access.
- Attackers abused Zoom, Teams, Quick Assist, AnyDesk, and other RMM tools.
- Stolen data included legal agreements, PII, tax records, and financial files.
- The group issued rapid extortion demands and threatened publication on LEAKEDDATA.
Read More: https://cloud.google.com/blog/topics/threat-intelligence/targeted-campaign-us-law-firms