The Silent Ransom Group (SRG), also known as Luna Moth, Chatty Spider, and UNC3753, is conducting targeted extortion attacks against U.S. law firms by using social engineering techniques to impersonate IT support staff. They initiate contact via phone calls or phishing emails to persuade employees to grant remote desktop access or, failing that, send operatives in person to physically connect storage devices to victim computers to steal data. The stolen data is leveraged for ransom demands and extortion through leak threats and direct pressure on victims' employees or clients. This group has been active since 2022, evolving from prior affiliations with ransomware syndicates. The FBI has issued alerts highlighting these tactics and indicators of compromise, emphasizing the physical and social engineering nature of the threat rather than software vulnerabilities.

The impact involves unauthorized data theft from targeted organizations, primarily U.S.-based law firms, through social engineering and physical access. The stolen data is used for extortion, including ransom demands and threats to publicly release or sell sensitive information. This can lead to financial loss, reputational damage, and operational disruption for victims. There are no technical exploits or software vulnerabilities involved; the threat relies on human factors and physical intrusion.

There is no software patch or technical fix since this threat involves social engineering and physical access. Organizations should educate employees to verify IT support requests through known channels and be wary of unsolicited calls or emails requesting remote access. Physical security controls should be enforced to prevent unauthorized individuals from accessing company premises or computers. The FBI advisory highlights these as key indicators and recommends vigilance against impersonation attempts. No urgent patch or remediation is applicable.