FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person

The FBI alert highlights Silent Ransom Group (aka Chatty Spider/UNC3753/Storm-0252), a Russia-linked data-extortion operation increasingly targeting U.S. law firms by combining social engineering (phishing/impersonation of IT) with the unusual tactic of sending associates to victims’ workplaces to physically connect storage devices and exfiltrate data. The group, active since 2022 and claiming over 100 attacks, focuses on stealing sensitive legal data for extortion rather than deploying encryption, creating significant reputational and privilege risks for legal organizations.