Luna Moth

Threat Actor updated a month ago (2024-11-29T14:50:07.552Z)

Download STIX

Preview STIX

Luna Moth, also known as the Silent Ransom Group (SRG), is a threat actor that has been identified by the cybersecurity industry for its malicious activities. This entity, which could be an individual, a private company, or part of a government, has been noted for its use of callback phishing scams as a method to exploit its victims. The group's tactics involve sending phishing messages to victims, often with content related to pending charges on their accounts, in order to lure them into revealing sensitive data. In June 2023, the FBI reported that SRG had been observed conducting callback phishing data theft and extortion attacks. The group was found to be deploying these attacks through call centers, further enhancing their ability to trick victims into sharing their personal information. These attacks involve the victim receiving a phone number in a phishing attempt, usually linked to alleged pending charges on their account. The Silent Ransom Group, or Luna Moth, has shown a consistent pattern of using these old tricks, particularly callbacks, to execute their phishing schemes. In one cited campaign, the group began by sending phishing messages to victims containing a phone number, typically associated with pending charges on the victims' accounts. The continuous use of such tactics underscores the need for increased vigilance and robust cybersecurity measures to protect against such threat actors.

Description last updated: 2024-01-06T00:38:15.195Z

What's your take? (Question 1 of 2)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Possible Aliases / Cluster overlaps

It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.

Alias Description	Votes
Silent Ransom Group is a possible alias for Luna Moth. The Silent Ransom Group, also known as Luna Moth, is a notable threat actor that has been engaging in malicious cyber activities since its establishment. Born out of the remnants of Conti, it has collaborated with other groups like Quantum and Roy/Zero to develop unique callback phishing tactics. As	2

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Phishing

Extortion

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Source Document References

Information about the Luna Moth Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
CERT-EU	a year ago	FBI Warns of Emerging Ransomware Initial Access Techniques
CERT-EU	a year ago	FBI Alert: Silent Ransom Group Utilizes Callback Phishing for Network Hacks
CERT-EU	a year ago	Zero-Day Alert: Lace Tempest Exploits SysAid IT Support Software Vulnerability
CERT-EU	a year ago	Silent Ransom Group ramps up callback phishing attacks
Securityaffairs	a year ago	FBI: Ransomware actors abuse third parties and legitimate system tools for initial access