Silent Ransom Group Targets U.S. Law Firms Now
🛡️ Mandiant reports the Silent Ransom Group (UNC3753) is targeting U.S. law firms and professional services with invoice-themed phishing followed by voice calls impersonating IT staff. Attackers use callback phishing to trick victims into installing remote support tools like AnyDesk or Zoho Assist, granting access to networks and enabling rapid data theft and extortion. The campaign involves phishing domains, self-destructing messaging, and fast-flux infrastructure to host leak sites.
