The Luna Moth group has escalated phishing efforts, primarily targeting the legal and financial sectors in the US by utilizing fake helpdesk domains. Recently linked to callback phishing, they trick victims into calling fake IT helpdesk numbers, leading to the installation of remote monitoring tools like Zoho Assist. These tools facilitate unauthorized access to sensitive information, which the group subsequently threatens to leak unless a hefty ransom between $1 million and $8 million is paid. Researchers note that this group has registered at least 37 impersonated domains to enhance their scams.
As of March 2025, Luna Moth has registered at least 37 domains through GoDaddy to support its callback phishing campaigns, primarily targeting major US law firms.
The Luna Moth group has shifted from deploying ransomware to focusing on data theft and extortion, with demands reaching up to seven figures.
Collection
[
|
...
]