A new ransomware group named BianLian that emerged in late 2021 has become increasingly active, according to security researchers. US cybersecurity firm Redacted released a report earlier this week alleging that the threat actor has already compromised twenty victims spanning several industries, including insurance, medicine, law, and engineering. The majority of the group’s targets are located in Australia, North America, and the UK, says Redacted.
Redacted also stated that BianLian uses a custom toolkit that consists of both homemade encryptors and backdoors. The tools and the software used by the hackers are written in Go, which is becoming increasingly popular among ransomware actors. Redacted stated that it has observed signs that the group may be trying to increase its activities. One of these signs was that the threat actor is bringing new command and control servers online. The grow signifies that the group is seeking to increase their operation rate.
