Even your physical offices aren't safe from hackers — experts warn of Silent Ransom Group breaking into businesses to launch ransomware and extortion campaign

News
By published

Google is warning about hackers walking into offices

A hand holding a credit card in front of a laptop screen with Matrix-style data on it
(Image credit: Getty Images)
  • SRG hit dozens of US firms using IT‑support impersonation, including in‑person intrusions
  • Attackers stole data via onsite USB exfiltration, then extorted victims
  • Group linked to BazarCall, Conti, and Ryuk, with law firms a primary focus

Hackers known as Silent Ransom Group (SRG) have been targeting different businesses in the US, compromising “dozens” between January and May 2026, experts have warned.

Cybersecurity researchers at Google Mandiant and Google Threat Intelligence Group (GTIG) have echoed warnings shared by the FBI, noting how the hackers, also known as Chatty Spider, Luna Moth, or UNC3753, targeted primarily firms in professional, legal, and financial services.

Their tactic is simple - impersonate the IT department, trick victims into granting access to their computers, then use that access to either deploy infostealers, or to steal files right on the spot.

Latest Videos From

Walking into offices

In some cases, the hackers would call their victims on the phone and pretend to be IT support - similar to what ShinyHunters used to do last year. However, SRG took the scam to a whole new level by having its members walk into their targets’ offices - in the flesh - and use the computers on the spot.

"By sending someone in-person to the victim's location to facilitate the intrusion, SRG actors exfiltrate data to an external hard drive or USB drive inserted by the threat actor into the victim's computer," the FBI said at the time.

Once they steal the data, the attackers begin ransom negotiations, offering to delete the files in exchange for payment. Victims are usually warned that the data will be leaked publicly if they refuse to comply, and a dedicated website is propped up for that purpose, as well.

SRG was first seen back in 2022, and while it struck organizations in different industries, it is primarily focused on law firms in the US. Some sources said the group was previously linked to BazarCall campaigns, as well as Conti and Ryuk ransomware incidents.

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Google logo on a black background next to text reading 'Click to follow TechRadar'

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.

TOPICS
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.