FBI warns extortion hackers are visiting US law firms to steal data

Source: The Record

A cyber extortion group linked to the now-defunct Conti ransomware syndicate is increasingly targeting U.S. law firms through a mix of phishing, fake IT support calls, and even in-person visits to steal sensitive data, according to a new FBI warning. The FBI said the Silent Ransom Group (SRG), has consistently targeted U.S. law firms since 2023 using social engineering schemes to gain remote access to corporate systems and exfiltrate data. The latest campaign, observed this spring, involves attackers posing as internal IT personnel. Victims receive phone calls or phishing emails urging them to contact what appears to be a company help desk. During those interactions, employees are persuaded to grant remote desktop access to their computers, allowing attackers to move quickly through corporate systems and steal files. If those efforts fail, the group may send an individual to a victim's office to obtain physical access to a computer. Full Story