The highly active BianLian ransomware operation, which has claimed attacks against Boston Children's Health Physicians, Save The Children, and Canada's Amherstburg Family Health Team, has been suspected by U.S. and Australian law enforcement of originating from Russia and of having obtained several affiliates across the country, reports The Record, a news site by cybersecurity firm Recorded Future.
Attacks by BianLian, which have relied entirely on exfiltration-based extortion since the beginning of the year, have involved the exploitation of Windows and VMware ESXi security vulnerabilities for initial access, with the ransomware gang leveraging various other tools to facilitate lateral movement and data compromise, according to a joint advisory from the FBI, the Cybersecurity and Infrastructure Security Agency, and the Australian Cyber Security Centre. "Newer ransomware notes state BianLian group has exfiltrated data and threaten to leak the exfiltrated data if the ransom is not paid," said the FBI, which noted that the gang has also been contacting employees to pressure their organizations into paying the demanded ransom.
Joint US, Australian advisory sheds more light on BianLian ransomware