Luna Moth Strikes Again: FBI Warns Law Firms of New Social Engineering Scam!

The FBI warns law firms of social engineering attacks by Luna Moth, a criminal extortion actor. Luna Moth uses IT-themed calls and callback phishing to gain remote access and extort victims. Known for using legitimate tools to avoid detection, Luna Moth has been active since 2022, targeting U.S. legal and financial sectors.

3P
Published: May 27, 2025 8:29 amAdded: May 27, 2025 at 1:57 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like Luna Moth is fluttering through law firms with all the finesse of a caffeinated hacker! When the FBI sends out an advisory, you know it’s time to stop answering those mysterious customer service calls. Remember, if it sounds like an IT emergency but smells like an invoice scam, it’s probably Luna Moth trying to get their cyber claws into your data. Who knew moths could be so chatty?

Key Points:

  • Luna Moth, aka Chatty Spider, is targeting law firms using IT-themed social engineering and callback phishing.
  • The campaign involves phone calls and emails tricking victims into granting remote access for data theft.
  • Victims are then extorted to prevent the publication or sale of their sensitive data.
  • Attackers use legitimate tools like Rclone and WinSCP to exfiltrate data undetected by security systems.
  • Multiple fake helpdesk domains have been registered to spoof targeted organizations.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?