Seeking Counsel: Ongoing Targeted Campaign Against US Law Firms | Endigest
Google Cloud
Get the latest tech trends every morning
Receive daily AI-curated summaries of engineering articles from top tech companies worldwide.
UNC3753 executes a financially motivated extortion campaign targeting US law firms through social engineering and vishing from January to May 2026.
- •Invoice-themed emails establish pretext for phone calls impersonating IT support to initiate screen-sharing sessions
- •Legitimate tools including Zoom, Teams, AnyDesk, and Bomgar are exploited to gain remote access and bypass security controls
- •BYOD endpoints compromised to pivot into corporate VDI environments and access sensitive legal documents
- •Sensitive files including legal agreements, tax records, and SSNs are exfiltrated via cloud storage, WinSCP, or email
- •Aggressive extortion includes 3-day deadline with threats to publish data and contact clients and employees
This summary was automatically generated by AI based on the original article and may not be fully accurate.
The Hacker News