FBI warns of in-person data theft attacks from extortion gang
Recorded: May 27, 2026, 1:23 p.m.
| Original | Summarized |
FBI warns of in-person data theft attacks from extortion gang News Featured Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign Laravel Lang packages hijacked to deploy credential-stealing malware Netherlands seizes 800 servers of hosting firm enabling cyberattacks Ubiquiti patches three max severity UniFi OS vulnerabilities FBI warns of in-person data theft attacks from extortion gang Your grocery routine’s easiest upgrade is a Sam’s Club membership for just $25 CISA gives feds 4 days to patch actively exploited cPanel plugin flaw Dutch police arrests suspect linked to Ajax football club hack Tutorials Latest How to access the Dark Web using the Tor Browser How to enable Kernel-mode Hardware-enforced Stack Protection in Windows 11 How to use the Windows Registry Editor How to backup and restore the Windows Registry How to start Windows in Safe Mode How to remove a Trojan, Virus, Worm, or other Malware How to show hidden files in Windows 7 How to see hidden files in Windows Webinars Latest Qualys BrowserCheck STOPDecrypter AuroraDecrypter FilesLockerDecrypter AdwCleaner ComboFix RKill Junkware Removal Tool Deals Categories eLearning IT Certification Courses Gear + Gadgets Security VPNs Popular Best VPNs How to change IP address Access the dark web safely Best VPN for YouTube Forums Virus Removal Guides HomeNewsSecurityFBI warns of in-person data theft attacks from extortion gang FBI warns of in-person data theft attacks from extortion gang By Sergiu Gatlan May 27, 2026 The FBI warned on Tuesday that the Silent Ransom Group (SRG) extortion gang is now targeting U.S.-based law firms in in-person data theft attacks. The Validation Gap: Automated Pentesting Answers One Question. You Need Six. Automated pentesting tools deliver real value, but they were built to answer one question: can an attacker move through the network? They were not built to test whether your controls block threats, your detection rules fire, or your cloud configs hold.This guide covers the 6 surfaces you actually need to validate. Related Articles: Cybercrime Sergiu Gatlan Previous Article Post a Comment Community Rules You need to login in order to post a comment Not a member yet? Register Now You may also like: Upcoming Webinar Popular Stories FBI warns of Kali365 phishing service targeting Microsoft 365 accounts Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign Anthropic’s restricted Claude Mythos model may be coming to Claude Code Sponsor Posts Protect Your Business from Ecommerce Fraud Overdue a password health-check? Audit your Active Directory for free AI is a data-breach time bomb: Read the new report 33% Rise in Healthcare Credential Theft in 2025: What you need to know Upcoming Webinar Follow us: Main Sections News Community Forums Useful Resources Welcome Guide Company About BleepingComputer Terms of Use - Privacy Policy - Ethics Statement - Affiliate Disclosure Copyright @ 2003 - 2026 Bleeping Computer® LLC - All Rights Reserved Login Username Password Remember Me Sign in anonymously Sign in with Twitter Not a member yet? Register Now Help us understand the problem. What is going on with this comment? Spam Abusive or Harmful Inappropriate content Strong language Other Read our posting guidelinese to learn what content is prohibited. Submitting... |
The Federal Bureau of Investigation has issued a warning regarding in-person data theft attacks orchestrated by the Silent Ransom Group (SRG) extortion gang targeting U.S.-based law firms. The threat actors employ sophisticated social engineering schemes to gain initial access to sensitive corporate data. As of Spring 2026, SRG actors utilize impersonation tactics by posing as employees from a victim's IT department, either through direct calls or phishing emails, to coerce staff into granting access to a remote desktop session. If remote access is unsuccessful, the actors escalate their strategy by dispatching individuals to the victim's physical location to physically insert storage devices, such as USB drives or external hard drives, into company computers to exfiltrate data. The FBI highlighted that the indicators of an SRG attack include the unauthorized installation of external hard drives or USB drives onto company systems, as well as the presence of unidentified individuals claiming to be IT support attempting to access computers in person. The group, also known by aliases such as Luna Moth, Chatty Spider, and UNC3753, has been actively targeting legal and financial organizations in the United States since early 2023. This group’s origins trace back to a separation from the Conti cybercrime syndicate in March 2022, after which they focused on data theft and extortion following targeted phishing attacks. Previously, this same group was implicated in BazarCall campaigns that provided initial network access for the Conti and Ryuk ransomware attacks. The extortion process carried out by the SRG involves threatening victims by threatening to sell or post the stolen data on leak sites, often coupled with pressure tactics directed at employees or clients to initiate ransom negotiations. Furthermore, the group has demonstrated an ability to manipulate digital identity, as reports indicate that the threat actors register domains designed to impersonate IT helpdesk or support portals for major U.S. law firms and financial services firms, utilizing typosquatted patterns for deception. This evolution of tactics is supported by prior warnings, such as a May 2025 notification, which noted that the same extortion gang had been engaging in callback phishing and social engineering attacks against law firms for over two years. |