One of the nastiest ransomware groups around may have a whole new way of doing things




  • CISA updates advisory on BianLian, originally published in May 2024
  • Agency claims the group is moving away from deploying the encryptor
  • Instead, BianLian exfiltrates sensitive data and threatens to release it

The infamous BianLian ransomware group has stopped deploying an encryptor on victim devices, and now focuses exclusively on data exfiltration, an updated security advisory from the US Cybersecurity and Infrastructure Security Agency (CISA), and partner agencies has warned.

CISA, alongside the FBI and Australian Cyber Security Centre, first published an in-depth report on BianLian in May 2024 as part of its #StopRansomware effort, detailing the group’s techniques, tactics, and procedures, but this has now been updated with new information, including the changes to the group’s modus operandi.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *