U.S. law firms have been alerted by the FBI regarding callback phishing and social engineering intrusions launched by the Luna Moth ransomware operation, also known as Silent Ransom Group, Chatty Spider, and UNC3753, just after EclecticIQ disclosed that the ransomware gang has been spoofing IT helpdesks to compromise legal and financial organizations across the country, reports BleepingComputer.
Attacks by Luna Moth against law firms over the past two years involved the impersonation of targeted entities' IT support across various platforms to lure employees into providing remote device access, which would then be followed by minimal privilege escalation, data theft via WinSCP or an obfuscated Rclone version, and extortion efforts, according to the FBI. Organizations targeted by Luna Moth were reported by EclecticIQ to have been demanded to pay ransoms ranging from $1 million to $8 million. Such a threat has prompted the FBI to urge the implementation of stronger passwords and multi-factor authentication, as well as routine data backups and phishing training programs for employees.
Attacks by Luna Moth against law firms over the past two years involved the impersonation of targeted entities' IT support across various platforms to lure employees into providing remote device access, which would then be followed by minimal privilege escalation, data theft via WinSCP or an obfuscated Rclone version, and extortion efforts, according to the FBI. Organizations targeted by Luna Moth were reported by EclecticIQ to have been demanded to pay ransoms ranging from $1 million to $8 million. Such a threat has prompted the FBI to urge the implementation of stronger passwords and multi-factor authentication, as well as routine data backups and phishing training programs for employees.
