• Home
  • News
  • BianLian Ransomware Gang Targets 2

BianLian Ransomware Gang Targets 2

Bogdan Pătru

By Bogdan Pătru . 18 April 2024

Tech Writer

Miklos Zoltan

Fact-Checked this

BianLian announced 2 more victims recently, Len Dubois Trucking from Canada and Pioneer Oil Company from the US. Neither company has released any public statement regarding the attack. It’s unclear whether the victims have decided to negotiate.

  • BianLian currently ranks as one of the most dangerous and versatile ransomware actors in the world
  • The gang is famous for its ability to change its tactics, MOs, and code to evade detection and exploit the victims’ vulnerabilities
  • This recent attack comes in the context of increased ransomware breaches at a global scale
  • BianLian’s favorite attack method involves spearphishing emails, followed by automated infiltration and deployment

BianLian is one of the undisputed leaders in the ransomware sphere, despite not being as active as other gangs. One of the main reasons for its success is its closed circuit. BianLian operates as a lone wolf with no known affiliates or outside connections.

This is rather rare in the ransomware business, where malware actors are known to often cooperate with each other. Most ransomware groups also rely on affiliates to spread their influence and make an easy profit.

The use of affiliates also takes the heat off of the gang itself, as the tactic sends law enforcement agencies on ghost-hunting. The fact that BianLian doesn’t rely on that while still remaining virtually impenetrable speaks volumes about their adaptability and professionalism.

X showing the BianLian attack on the 2 victims
https://twitter.com/FalconFeedsio/status/1780506491214021083

It’s also important to note that BianLian advanced its tactics and reach since its inception dramatically. The group only targeted medium-sized companies spanning across a handful of sectors. With time, the hackers diversified their reach and approaches.

This changes with time, as BianLian improves its tactics and tools and starts using a more sophisticated and advanced ransomware package. This allowed the hackers to target high-end companies across a variety of industries.

Today, BianLian aims to maximize its profits with every hit, prioritizing high-profile corporations, no matter their magnitude or defenses.

How to Defend Against BianLian?

The bitter truth is that it’s very difficult to build a fail-proof strategy against a determined ransomware actor. Especially one as effective and versatile as BianLian. But there are ways to mitigate the risk.

One of them is to educate yourself and your employees regarding the risks and how to avoid traps. In most cases, the humans are the vulnerable component in cases of ransomware attacks. Another is to work with professionals to devise reliable defenses.

But what happens if all measures fail, which is a possibility? In that case, you need plan B, which is: never negotiate and never compromise. Experts advise against any type of negotiation because, as history has shown, paying the ransom does nothing.

BianLian will provide you with the decryption key, but you can’t know for sure that they’ve deleted the stolen data. And, more often than not, they won’t. Especially if we’re talking about valuable assets that they can reuse or sell to other cybercriminal gangs.

The safest and most effective way of dealing with ransomware hackers is the silent treatment. This way, they will mark you as a hard-to-crack target, making it unlikely that you will be targeted again in the future.

Our Mission

We believe security online security matters and its our mission to make it a safer place.

Leave a Comment