UNC3753
Coverage of UNC3753 in the Nexus archive.
- Beware of hackers showing up pretending to be IT
The FBI warns of the Silent Ransom Group targeting U.S. businesses, particularly law firms, by impersonating IT support. The group uses phone calls to install remote access software or in-person visits with USB drives to steal sensitive data and demand ransoms.
- UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign
Cybersecurity researchers revealed a data theft extortion campaign targeting U.S. organizations in professional, legal, and financial services between January and May 2026. The campaign, attributed to UNC3753, involved vishing and physical intrusions, with Google Mandiant and Google Threat Intelligence Group identifying the threat actor.
- If you don't fall for these extortionists' calls, they'll show up with USB sticks
A data-theft and extortion group called UNC3753 (also known as Silent Ransom Group) has targeted US banks and law firms using fake help desk calls and in-person USB stick attacks. The group shifts tactics from remote social engineering to physical intrusions when initial methods fail, as confirmed by Google’s Mandiant and corroborated by an FBI alert.
- FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person
The FBI warns U.S. law firms about Silent Ransom Group, a cybercrime group impersonating IT support and using in-person visits to steal data. The group, linked to Russia and active since 2022, exploits social engineering and physical access to target legal organizations, causing significant reputational and privilege risks. Experts note its unique tactics and focus on law firms, which have become the fourth-most targeted industry for ransomware attacks in 2024.