Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home News

BianLian Shifts to Data Extortion Tactics

November 22, 2024
Reading Time: 2 mins read
in News
BianLian Shifts to Data Extortion Tactics

The FBI has issued a new advisory revealing that the notorious BianLian ransomware group is likely based in Russia, with multiple Russian affiliates. The group, previously known for its ransomware attacks on organizations such as Save The Children and Boston Children’s Health Physicians, has recently shifted tactics. Instead of relying on traditional ransomware encryption, BianLian now focuses exclusively on exfiltrating data from victims and extorting them for ransom. This shift began in January 2024, marking a significant change in their operations and strategy.

The FBI and the Australian Cyber Security Centre have observed BianLian exploiting critical vulnerabilities in public-facing applications, particularly within Windows and ESXi infrastructure. Notably, the group has leveraged the ProxyShell vulnerabilities (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) to gain initial access. They have also exploited CVE-2022-37969, a vulnerability affecting Windows 10 and 11, further expanding their reach. This shift in their approach indicates a growing sophistication in their tactics, as they adapt to avoid detection and improve the success of their extortion schemes.

To maintain access and navigate through compromised systems, BianLian has been observed creating multiple administrator accounts within victim networks. The group has also ramped up its psychological pressure on victims, printing ransom notes on company printers and even contacting employees directly. These tactics are designed to increase fear and urgency, pushing victims to pay the ransom. The ransom notes now threaten to leak sensitive exfiltrated data if the demands are not met, increasing the stakes for affected organizations.

In response to the group’s evolving tactics, the FBI has advised organizations to bolster their defenses and stay vigilant. The BianLian ransomware group’s shift from encryption-based attacks to data exfiltration and extortion marks a new phase in the ransomware landscape. With their ability to target critical vulnerabilities and apply mounting pressure on victims, BianLian is emerging as a major threat to both private and public sector entities. This highlights the urgent need for improved cybersecurity measures and collaboration across international law enforcement to combat the growing threat of ransomware.

Reference:

  • FBI Identifies BianLian Ransomware Shifting to Data Extortion Tactics
Tags: BianLian ransomwareCyber NewsCyber News 2024Cyber threatsFBIHealthNovember 2024Russia
ADVERTISEMENT

Related Posts

UK Cyber Talent Demand High With Skills Gap

Japan enacts a new Cyberdefense Law

May 19, 2025
UK Cyber Talent Demand High With Skills Gap

Hackers Net $1M For ZeroDay Flaws at Pwn2Own

May 19, 2025
UK Cyber Talent Demand High With Skills Gap

UK Cyber Talent Demand High With Skills Gap

May 19, 2025
Lawmakers Urge Cyber Bill Renewal Soon

Lawmakers Urge Cyber Bill Renewal Soon

May 16, 2025
Lawmakers Urge Cyber Bill Renewal Soon

US Charges 12 More in $230M Crypto Theft

May 16, 2025
Lawmakers Urge Cyber Bill Renewal Soon

Proofpoint to Acquire Hornetsecurity

May 16, 2025

Latest Alerts

Mozilla Urgent Firefox Patch Fixes RCE Flaws

ModiLoader Malware Targets Windows Users

Glibc Flaw Gives Linux Root Access Risk

Fileless Remcos RAT Delivery Via LNK Files

FBI Warns of AI Voice Phishing Scams

APT28 RoundPress Webmail Hack Steals Emails

Subscribe to our newsletter

    Latest Incidents

    Massive DDoS Hits Poland’s Civic Platform

    Arla Plant Cyberattack Halts Operations

    Georgia’s Harbin Clinic Hit by Data Breach

    Hackers Target Swiss Reserve Power Plant

    Coinbase Insider Attack Exposed User Data

    Cyberattack Hits J Batista Group

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial