Silent Ransomware Gang Ploys Fake IT Support Calls to Target Law Firms
- Nishadil
- June 08, 2026
- 0 Comments
- 2 minutes read
- 5 Views
- Save
- Follow Topic
Law firms hit by Silent ransomware group posing as tech support
A little‑known ransomware crew called “Silent” has started ringing up law offices, pretending to be IT help desks. The scammers then drop malware, locking files and demanding payment.
It sounds like a scene out of a thriller – a nervous lawyer receives a call from someone claiming to be from the firm’s IT department, asking for remote access to "fix" a problem. In reality, the caller is part of a ransomware outfit that’s been quietly hunting law firms.
The group, which security researchers have dubbed “Silent,” isn’t new to the cyber‑crime world, but its latest playbook is a twist on an old trick. Instead of phishing emails or malicious attachments, the attackers are making phone calls. They pose as friendly tech support agents, complete with rehearsed scripts, and persuade victims to install remote‑desktop tools.
Once the malicious actor gains a foothold, they deploy ransomware that encrypts the firm’s documents, emails, and case files – the very lifeblood of a legal practice. With sensitive client information suddenly inaccessible, the pressure to pay the ransom skyrockets.
What makes this campaign especially concerning is the choice of target. Law firms hold a trove of confidential data, from corporate contracts to personal details about clients. A breach can mean not only financial loss but also reputational damage and potential legal liabilities.
Security experts say the “Silent” gang is likely leveraging publicly available information – such as LinkedIn profiles or company websites – to make their calls sound believable. They may even reference recent software updates or known issues to add credibility.
Defending against this kind of social engineering requires a mix of technology and good old‑fashioned vigilance. Organizations should enforce strict policies that any remote‑access request must be verified through an independent channel, like a known email address or a direct call to the IT department using a known number.
Regular employee training can also go a long way. When staff members know that legitimate IT staff will never ask for passwords over the phone, they’re far less likely to hand over the keys to the kingdom.
For firms that have already fallen victim, experts recommend isolating infected machines, preserving logs for forensic analysis, and contacting law‑enforcement agencies. Paying the ransom is risky – there’s no guarantee the attackers will provide the decryption keys, and it may encourage further attacks.
Overall, the rise of phone‑based ransomware attacks underscores a simple truth: cyber‑threats are evolving, and so must our defenses. A little extra skepticism, combined with solid security policies, can make the difference between a close call and a costly breach.
Editorial note: Nishadil may use AI assistance for news drafting and formatting. Readers can report issues from this page, and material corrections are reviewed under our editorial standards.
