Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Silent Ransom Group US law firm IT impersonation campaign

Campaign
First reported
Last updated
Happening score
H score 33
1 unique sources, 1 articles

Summary

Hide ▲

The Silent Ransom Group (SRG) is escalating a campaign against US-based law firms, using IT impersonation, remote access tricks, and in-person access attempts to reach corporate systems. The operation has been active since 2023 and had evolved further by spring 2026, raising the risk of stealthy compromise and data theft across the legal sector.

Related Happenings

U.S. sentencing of Deniss Zolotarjovs in Karakurt ransomware case

Law Enforcement
First: 05.05.2026 13:13 Last: 05.05.2026 13:13 Sources 1

About this happening: **Deniss Zolotarjovs** was **sentenced to 8.5 years in prison** in the **United States** for serving as a **Karakurt ransomware** negotiator, resolving a cross-border cybercrime c...

Open Happening

Aleksey Olegovich Volkov sentenced in Yanluowang ransomware case

Law Enforcement
First: 24.03.2026 15:06 Last: 24.03.2026 15:06 Sources 1

About this happening: The **Justice Department** said **Aleksey Olegovich Volkov** was **sentenced to 81 months** in prison for serving as an **initial access broker** in **Yanluowang ransomware** atta...

Open Happening

BlackCat (ALPHV) multi-victim ransomware extortion campaign against U.S. companies

Campaign
First: 30.12.2025 17:25 Last: 30.12.2025 17:25 Sources 1

About this happening: Two former cybersecurity workers pleaded guilty for participation in a **BlackCat (ALPHV)** ransomware extortion campaign that hit **multiple U.S. victims**, showing how affiliate...

Open Happening

Nefilim ransomware extortion campaign targeting high-revenue businesses

Campaign
First: 22.12.2025 11:46 Last: 22.12.2025 11:46 Sources 1

About this happening: A **Nefilim** ransomware campaign now includes the **U.S. Department of Justice** charging **Volodymyr Viktorovich Tymoshchuk** for allegedly serving as an administrator of the op...

Open Happening

Scattered LAPSUS$ Hunters shifts from borrowed encryptors to ShinySp1d3r RaaS

Threat Actor Meta
First: 26.11.2025 19:22 Last: 26.11.2025 19:22 Sources 1

About this happening: **Scattered LAPSUS$ Hunters (SLSH)** has shifted from using other gangs’ encryptors to launching **ShinySp1d3r**, giving the group its own **ransomware-as-a-service** brand and gr...

Open Happening

Timeline

  1. 29.05.2026 16:00 2 articles · 2h ago

    Silent Ransom Group targets US law firms with IT impersonation and data theft

    Initial Disclosure

    The FBI warns that Silent Ransom Group (SRG), also known as Luna Moth, Chatty Spider and UNC3753, has targeted US-based law firms since 2023 and, by spring 2026, was impersonating IT staff by phone, phishing email and in-person access attempts to obtain remote access, exfiltrate data with WinSCP or hidden or renamed Rclone, and move stolen data to Google Drive or Microsoft OneDrive.

    Show sources
    Open in new tab