THE FBI has issued a warning about the Silent Ransom Group (SRG), an extortion gang targeting U.S. law firms through phishing emails and social engineering tactics. SRG impersonates IT support, urging employees to provide remote access to their systems. They also send in-person operatives to insert malicious devices into victims' computers for data exfiltration. Instead of deploying ransomware, SRG exfiltrates sensitive data using tools like WinSCP and Rclone, threatening to sell or publish the stolen data.
To mitigate risks, organizations are advised to verify IT support credentials, limit data access, and employ phishing-resistant multi-factor authentication.