The Silent Ransom Group, also known as Luna Moth, is a notable threat actor that has been engaging in malicious cyber activities since its establishment. Born out of the remnants of Conti, it has collaborated with other groups like Quantum and Roy/Zero to develop unique callback phishing tactics. As of June 2023, this group has been conducting data theft and extortion attacks through these tactics. Victims receive phishing messages containing a phone number, usually related to pending charges on their accounts. Once the victims call the provided number, they are directed to join a legitimate system management tool via a link provided in a follow-up email.
On November 8, 2023, the FBI issued a warning about the Silent Ransom Group's callback phishing scam, which was being used to gain initial access to targeted organizations. The group had been using legitimate system management tools to elevate network permissions in these phishing attacks dating back to July. This unique approach involves the use of authentic tools to make remote connections, thereby bypassing conventional cybersecurity measures and gaining unauthorized access to sensitive information.
Despite the sophistication of their techniques, the Silent Ransom Group's strategies harken back to traditional scam methods, utilizing callbacks to lure victims. Their modus operandi involves sending phishing messages to potential victims, encouraging them to call a provided phone number under the guise of addressing fictitious account charges. By leveraging these tactics, the Silent Ransom Group has managed to infiltrate various networks and carry out successful ransomware campaigns, posing a significant threat to both private and public sector organizations.
Description last updated: 2023-12-10T19:15:40.342Z