The BianLian ransomware attack has allegedly targeted two more victims, Cislo & Thomas LLP and Image Craft. The dark web portal now showcases the compromised organizations, adding to the growing list of entities falling prey to the BianLian ransomware group.
Cislo & Thomas LLP, a full-service intellectual property law firm, and Image Craft, a nationally recognized visual communications specialist, have both found themselves entangled in the web of this relentless cyber threat.
BianLian Ransomware Attack: Two New Victims Added
The BianLian ransomware attack on these two organizations was made public through posts on the dark web portal. Cislo & Thomas LLP, known for providing patent, trademark, copyright, and trade secret legal services globally, and Image Craft, renowned for innovative visual communication methods, are now grappling with the aftermath of this sophisticated cyber assault.
To understand the scope of this alleged BianLian ransomware attack, The Cyber Express reached out to the affected organizations. However, at the time of writing this, no official statement or response has been recorded, leaving the claims surrounding the BianLian ransomware attack unverified at this point.
The BianLian Ransomware Group Spree
This incident follows a broader trend where the BianLian ransomware group has shifted its focus to target US and European healthcare and manufacturing industries. A recent report from Palo Alto Networks Inc.’s Unit 42 highlights the strategies of the BianLian hacker group, with a specific emphasis on the healthcare and manufacturing sectors in the US and Europe.
BianLian, which gained notoriety in 2022 for its traditional ransomware attacks, has evolved its tactics. Initially known for encrypting files and demanding ransom payments, the group has now transitioned to stealing data and threatening to publish it if the ransom is not paid. This strategic shift aims to simplify attacks while maintaining leverage over victims through the threat of data exposure.
Modus Operandi of BianLian Ransomware Group
The Unit 42 researchers discovered that BianLian employs a custom .NET tool for data extraction, also used by the Makop ransomware group, suggesting a possible collaboration or shared resources between the two groups. This tool retrieves sensitive information from compromised systems, including files, registry data, and clipboard contents, with Russian language elements in its codebase hinting at the group’s origins.
In a separate incident, the BianLian ransomware group has claimed three additional victims – North Star Tax and Accounting, KC Pharmaceuticals, and Martinaire, all based in the United States.
Despite the claims, the official websites of these companies remain functional, raising questions about the extent of the BianLian ransomware attack, data compromise, and the motives behind these cyber assults.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
