Joint US, Australian advisory sheds more light on BianLian ransomware




The highly active BianLian ransomware operation, which has claimed attacks against Boston Children’s Health Physicians, Save The Children, and Canada’s Amherstburg Family Health Team, is suspected by U.S. and Australian law enforcement of having originated in Russia and of having acquired several affiliates across the country, reports The Record, a news site by cybersecurity firm Recorded Future.

BianLian's attacks, which have relied entirely on exfiltration-based extortion since the beginning of the year, have involved the exploitation of Windows and VMware ESXi security vulnerabilities for initial access, with the ransomware gang leveraging various other tools to facilitate lateral movement and data compromise, according to a joint advisory from the FBI, the Cybersecurity and Infrastructure Security Agency, and the Australian Cyber Security Centre. “Newer ransomware notes state BianLian group has exfiltrated data and threaten to leak the exfiltrated data if the ransom is not paid,” said the FBI, which noted that the gang has also been contacting employees to pressure their organizations into paying the demanded ransom.
