BianLian explained

BianLian is a cybercriminal ransomware group, almost certainly based in Russia, that has targeted organizations in the US (critical infrastructure sectors, CNI), Australia (private enterprises) and the UK since June 2022.[1] [2] [3] [4] By 2023, the group had exfiltrated victims' files and encrypted their systems, a method known as double extortion. In 2023, the group shifted to data-theft extortion (exfiltration-based extortion).[5] They use valid Remote Desktop Protocol credentials to gain access to systems.[6] On 20 November 2024, the FBI, the United States' Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint security advisory about the BianLian ransomware group.[6]

Notes and References

  1. James Coker. "BianLian Ransomware Group Adopts New Tactics, Posing Significant Risk". Infosecurity Magazine. November 21, 2024.
  2. "BianLian cyber gang drops encryption-based ransomware". Computer Weekly. ComputerWeekly.com.
  3. "#StopRansomware: BianLian Data Extortion Group". Product ID: AA23-136A. 2023-05-16, updated 2024-11-20. Archived 2024-11-21 at https://web.archive.org/web/20241121225224/https://www.cisa.gov/sites/default/files/2024-11/aa23-136a-joint-csa-stopransomware-bianlian-ransomware-group.pdf . Retrieved 2024-11-25.
  4. https://www.bleepingcomputer.com/news/security/bianlian-ransomware-claims-attack-on-boston-childrens-health-physicians/
  5. "CISA says BianLian ransomware now focuses only on data theft". BleepingComputer.
  6. "Advisory warns of activity by BianLian ransomware group". AHA News. www.aha.org.