The BianLian ransomware organisation is expanding its operations, developing as a company, and attacking systems more quickly than ever. In cyberattacks that have so far claimed at least 116 victims, it is also shifting away from encryption and into outright data theft extortion tactics, according to researchers. First identified in July of last year, BianLian hasn't changed much from its basic strategy of installing a unique go-based backdoor after it has gained access to a network. With a few minor changes, the malware's functioning generally stays the same, according to Redacted researchers' blog post released today. "BianLian has discovered that they don't need to actually encrypt victim networks to get paid," Adam Flatley, vice president of intelligence at Redacted, says. He goes on to say that the group's decision to concentrate on data-leak extortion is "extremely dangerous" because it gives them the opportunity to take the time and effort to personalise their threats to particular victims and increase the pressure on them to pay ransoms.
Read the full article here.
