The infamous Silent Ransom Group (SRG) ransomware gang is relying on a fast flux network of infected devices to hide its infrastructure, Resecurity warns.
Also tracked as Chatty Spider, Luna Moth, and UNC3753, SRG uses voice phishing (vishing) and social engineering to gain remote access to victims’ environments.
The ransomware group typically sends phishing emails themed around data migration or invoices, and encourages recipients to engage in phone conversations with group members posing as IT specialists, who convince the victims to host screen-sharing sessions and install remote access software.
SRG is mainly known for targeting law firms in the US, and for sending operatives in person to insert USB drives into victims’ computers, either for data exfiltration or malware deployment, a recent FBI alert revealed.
In addition to law firms, the ransomware gang was seen targeting finance, healthcare, insurance, and hospitality firms, all of which handle sensitive information.
