Silent Ransom Group Now Sending Fake IT Staff to Physically Breach Law Firms

SRG targets US law firms with sophisticated scams, impersonating IT to gain access. FBI advises strict verification and training.

By Content Team

May 31, 2026

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

A cybercriminal group called Silent Ransom Group (SRG) has escalated its attacks on US law firms by impersonating IT staff — both over the phone and in person. Since 2023, the group has targeted law, insurance, finance, and healthcare firms using callback scams to trick employees into granting remote desktop access.

As of spring 2026, the FBI warns that when remote access fails, SRG sends an actor physically to the victim's office, convincing staff to plug in an external drive under the guise of IT maintenance. Data is then quietly exfiltrated using legitimate tools like WinSCP or Rclone — making traditional antivirus detection unlikely.

The FBI recommends verifying all visitor credentials, disabling external drive permissions, enforcing phishing-resistant MFA, and training staff to authenticate IT requests before granting any access.

Source: Infosecurity Magazine

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Google Warns of Hackers Using AI to Create Working Zero-Day Exploit

May 12, 2026

Microsoft Patches 6 Actively Exploited Zero-Days in February Security Update

Feb 11, 2026

Four Laravel-Lang Packages Poisoned in Supply Chain Attack

May 27, 2026

Google's Vertex AI Default Settings Allow Privilege Escalation Attacks

Jan 18, 2026