Advanced phishing and social engineering attacks targeting confidential client data increasingly threaten U.S. law firms.
U.S. law firms face escalating threats from the Silent Ransom Group (SRG), also known as Luna Moth, according to a recent FBI Private Industry Notification. The FBI warns that SRG employs sophisticated social engineering methods—impersonating IT support through emails, fraudulent websites, and direct phone calls—to gain unauthorized access to sensitive legal data.
Unlike typical ransomware operations, SRG does not encrypt victim systems. Instead, they steal confidential information and threaten its public release unless victims pay ransoms ranging from $1 million to $8 million, as detailed in an EclecticIQ analysis reported by BleepingComputer.
BleepingComputer notes that SRG registered at least 37 domains via GoDaddy, specifically designed to mimic legitimate IT helpdesk portals for prominent U.S. law firms and financial institutions. These deceptive portals trick employees into installing remote monitoring and management (RMM) software such as Syncro, Zoho Assist, Atera, AnyDesk, and Splashtop, granting attackers direct access to sensitive data.
The FBI advises law firms to counteract rapidly evolving threats like Luna Moth by integrating advanced threat detection, continuous network monitoring, realistic scenario-based employee training, rapid response capabilities, and proactive, intelligence-driven defense strategies.
Published May 26, 2025.
