Silent Ransom Group (SRG): Switching To DNS Fast Flux Infrastructure

Silent Ransom Group (SRG) — an extortion-focused cybercrime group active since 2022 — has been observed using Fast Flux DNS infrastructure and a botnet of compromised IoT and customer premises devices to increase resilience for data extortion campaigns targeting U.S. law firms and other sectors; Resecurity’s report maps global Fast Flux nodes, links SRG to related underground projects, and echoes FBI and allied agency advisories warning of active targeting and social-engineering/in-person attacks.