Hackers are knocking on office doors pretending to be IT staff

The FBI warns that the Silent Ransom Group (SRG), also known as Luna Moth/Chatty Spider/UNC3753 and active since at least 2022, is targeting law firms (and other sectors) using callback phishing, phone-based social engineering, and even in-person impersonation of IT staff to gain remote or physical access, steal data, and extort victims via ransom demands and leak sites; the group commonly uses legitimate system management and remote-access tools to evade detection. The alert notes few artifacts are left on compromised machines and recommends verifying IT personnel, training against callback phishing, enforcing MFA, restricting unauthorized remote-access tools, and reviewing help-desk procedures.