Tag Archive for: Pure

BianLian Ransomware Pivots From Encryption to Pure Data-Theft Extortion


The BianLian ransomware group is ramping up its operations and maturing as a business, moving more swiftly than ever to compromise systems. It’s also moving away from encryption to pure data-theft extortion tactics, in cyberattacks that have so far bagged at least 116 victims, researchers have found.

BianLian, first discovered last July, hasn’t deviated much from its initial tactic: deploying a custom Go-based backdoor once it infiltrates a network. The functionality of the malware essentially remains the same except for a few tweaks, researchers from Redacted said in a blog post published today.

However, the swiftness with which the group’s command-and-control server (C2) deploys the backdoor has increased, and the group notably has moved away from ransoming encrypted files to focusing more on pure data-leak extortion as a means to extract payments from victims, the researchers said.

“BianLian has discovered that they don’t need to actually encrypt victim networks to get paid,” Adam Flatley, vice president of intelligence at Redacted, says.

This shift to focus on data-leak extortion is “extremely dangerous,” because it allows the group to take the time and effort to tailor the threats to specific victims and exert more pressure to pay ransoms, he adds.

“BianLian will have an even stronger pressure position on trying to force their victims to not work with the FBI, to not report the incident, and just pay the ransom and move on,” Flatley says.

BianLian’s change in encryption strategy is likely a response to Avast’s release of a decryption tool that lets organizations targeted by the group unlock their files, the researchers noted.

Given that BianLian has used double-extortion methods from the outset — threatening to release a victim organization’s stolen data online if a ransom wasn’t paid by a certain deadline — the group decided to skip the encryption step and go right to extortion, according to Redacted.

Maturing As a Cyberattack Business

This shift is part of BianLian’s overall evolution and maturation as a business, the researchers said. While from its inception the group has had “a high level of operational security and skill in network…

China: Spying allegations against NYC cop ‘pure fabrication’ – ABC News

  1. China: Spying allegations against NYC cop ‘pure fabrication’  ABC News
  2. US charges NY police officer with spying for China  Al Jazeera English
  3. NYPD officer charged with spying on Tibetan immigrants for China  The Guardian
  4. NYPD officer charged with spying for China  BBC News
  5. New York City police officer spied on fellow Tibetans for China, prosecutors charge  CNBC

Patch smartphones to avoid compromises: Pure Hacking – Computerworld Australia

Security patching must move beyond the computer to the smartphone as … “There is not one anti-virus system on the marketplace that can ward off a persistent hacker and phishing attack,” he said. “I cannot emphasise that enough to organisations and …