BianLian Ransomware Group: 2024 Activity Analysis

· Published 12/07/2024 16:01 · Modified 12/07/2024 16:19

Essential information

Tags
2024-07-12 bianlian cybercrime data breach extortion ransomware
Related entities
8 observables, 1 intrusion sets (apt), 20 techniques (mitre), 1 malware, 8 others

Description

The intelligence report examines the evolving tactics and operations of the BianLian group, which has emerged as one of the top three most active groups. It details the group's shift from encryption tactics to a steal-and-extort model after a decryptor was released. The analysis covers BianLian's 2024 victimology, infrastructure, backdoor tool, and command and control (C2) communications, providing insights into their targeting strategies, infrastructure choices, and malware development approaches.

External references