From January through May 2026, Mandiant identified a financially motivated data theft extortion campaign executed by the threat cluster UNC3753 (also tracked as “Luna Moth,” “Chatty Spider,” and “Silent Ransom Group”) targeting dozens of organizations across professional, legal, and financial services in the United States.
UNC3753 leverages voice phishing (vishing) and social engineering deception techniques to achieve remote access into corporate environments. Using pretexts such as data migration or invoice related emails, the threat actors initiate phone conversations posing as IT support and convince targets to host screen-sharing sessions and download remote monitoring and management (RMM) utilities.
Read more…
Source: Mandiant
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Most recent cyber attacks on water systems won’t be the last, says cybersecurity expert
May 23, 2024
More government agencies are taking steps to shore up their cybersecurity measures. Earlier this week, the Environmental Protection Agency announced it would step up inspections of water facilities that may be vulnerable to cyberattacks. Why are government agencies more at risk when it comes to cyberattacks and operational vulnerabilities? Read more… Source: MSN News Sign up for our Newsletter Related:
- Cyber Signals: Inside the growing risk of gift card fraud
May 23, 2024
Multifactor authentication Security operations In the ever-evolving landscape of cyberthreats, staying ahead of malicious actors is a constant challenge. Microsoft Threat Intelligence has observed that gift cards are attractive targets for fraud and social engineering practices. Unlike credit or debit cards, there’s no customer name or bank account attached to them, which can lessen scrutiny of ...
- Bank of Russia reports rising number of cyber attacks on financial infrastructure
May 23, 2024
The Bank of Russia reported an increase in the number of attacks on suppliers of various IT solutions used in the financial market, the regulator said in its report. “It is particularly noteworthy that attacks on third parties – suppliers of various IT solutions utilized in the financial market – have increased in frequency in 2023. ...
- Cyber attacks on construction firms jump, new report finds
May 23, 2024
A new report has said that cyber attacks on construction companies doubled in the first quarter of this year compared to the same period in 2023. Risk advisory firm Kroll said the increase in attacks was “most likely due to the increased sophistication of business email compromise for either financial gain or as a pivot into ...
- London council warns residents’ data may have been compromised by cyber attack on healthcare provider
May 22, 2024
A London council has warned residents their personal data may have been compromised after a healthcare provider was hit by a cyber attack. The City of London Corporation said it is working with NRS Healthcare to understand the extent of the breach, and will be in contact with any residents whose information has been taken. The ...
- New Caledonia foils a cyberattack “of unprecedented strength”
May 22, 2024
Millions of emails, from “different countries”, were sent to New Caledonia on Tuesday, May 21, after the announcement of Emmanuel Macron’s visit to the territory. “An access provider suffered an attack to saturate the New Caledonian network. The teams managed to control this attack. Millions of emails were sent simultaneously to an email address, which was ...