AnyDesk is explicitly named as one of the remote access tools installed by Silent Ransom Group operators during active intrusions against U.S. law firms. No vulnerability in AnyDesk is being exploited; victims are social-engineered into downloading and executing the AnyDesk client, granting attackers full remote desktop control. AnyDesk’s standalone executable model — which requires no administrative installation in some configurations — makes it particularly easy to deploy via social engineering without triggering UAC prompts or software installation alerts.