The article discusses the active extortion campaign by the cybercrime group UNC3753, which targets US legal and financial firms using social engineering techniques. The group, also known as Luna Moth or Silent Ransom Group, employs voice phishing (vishing) to gain remote access to corporate environments without malware, relying instead on human deception. They initiate contact with bland emails, followed by convincing IT impersonation calls that lure victims into installing remote management tools.
Once inside, they extract sensitive data through legitimate access methods. Recently, UNC3753 has escalated their tactics to include physical intrusions, sending operatives to offices to install malicious USB devices when remote methods fail. The group has historical ties to the now-defunct Conti ransomware gang and has shifted focus exclusively to data theft.
Mandiant's report emphasizes the rising threat to firms that hold sensitive client information, recommending robust access controls and staff training to counter these tactics.