Luna Moth Strikes Again: Phishy Business in Legal and Financial Sectors

Luna Moth, aka Silent Ransom Group, is ramping up its callback phishing campaigns targeting U.S. legal and financial institutions. By masquerading as IT support, they trick victims into downloading remote monitoring software, gaining access to sensitive data. No malware needed—just a good old-fashioned con with a tech twist!

3P
Published: May 5, 2025 10:22 pmAdded: May 5, 2025 at 3:31 pmAssembled by: The Editor
Pro Dashboard

Hot Take:

In a plot twist worthy of a Hollywood heist movie, Luna Moth, a.k.a. Silent Ransom Group, is proving that you don’t need ransomware to pull off a spectacular cybercrime. Who knew that pretending to be IT support could rake in millions faster than a Hollywood blockbuster’s opening weekend?

Key Points:

  • Luna Moth, also known as Silent Ransom Group, is targeting U.S.-based legal and financial institutions.
  • These cybercriminals use sophisticated callback phishing techniques with no reliance on traditional ransomware.
  • Victims are tricked into installing legitimate remote monitoring & management (RMM) tools.
  • Attackers use these tools for data theft and extortion, demanding ransoms up to $8 million.
  • Organizations are advised to block suspicious domains and restrict unapproved RMM tools.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?