Silent Ransom Group

Threat Actor updated 6 months ago (2024-05-04T20:54:33.448Z)
Download STIX
Preview STIX
The Silent Ransom Group, also known as Luna Moth, is a notable threat actor that has been engaging in malicious cyber activities since its establishment. Born out of the remnants of Conti, it has collaborated with other groups like Quantum and Roy/Zero to develop unique callback phishing tactics. As of June 2023, this group has been conducting data theft and extortion attacks through these tactics. Victims receive phishing messages containing a phone number, usually related to pending charges on their accounts. Once the victims call the provided number, they are directed to join a legitimate system management tool via a link provided in a follow-up email. On November 8, 2023, the FBI issued a warning about the Silent Ransom Group's callback phishing scam, which was being used to gain initial access to targeted organizations. The group had been using legitimate system management tools to elevate network permissions in these phishing attacks dating back to July. This unique approach involves the use of authentic tools to make remote connections, thereby bypassing conventional cybersecurity measures and gaining unauthorized access to sensitive information. Despite the sophistication of their techniques, the Silent Ransom Group's strategies harken back to traditional scam methods, utilizing callbacks to lure victims. Their modus operandi involves sending phishing messages to potential victims, encouraging them to call a provided phone number under the guise of addressing fictitious account charges. By leveraging these tactics, the Silent Ransom Group has managed to infiltrate various networks and carry out successful ransomware campaigns, posing a significant threat to both private and public sector organizations.
Description last updated: 2023-12-10T19:15:40.342Z
What's your take? (Question 1 of 2)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.
Alias DescriptionVotes
Luna Moth is a possible alias for Silent Ransom Group. Luna Moth, also known as the Silent Ransom Group (SRG), is a threat actor that has been identified by the cybersecurity industry for its malicious activities. This entity, which could be an individual, a private company, or part of a government, has been noted for its use of callback phishing scams
2
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Phishing
Extortion
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Source Document References
Information about the Silent Ransom Group Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more