Scammers are impersonating the BianLian ransomware gang in fake ransom notes sent to US companies via snail mail through the United States Postal Service. Guidepoint Security first reported the phony ransom notes today, and BleepingComputer later received a scan of the note from a CEO who received the same letter. The envelopes for these ransom notes claim to be from the "BIANLIAN Group" and have a return address in an office building in Boston, Massachusetts.
The letter shared with BleepingCompu
bianlian (2)
BianLian is a ransomware developer, deployer, and data extortion cybercriminal group who has targeted organizations in multiple US critical infrastructure sectors since June 2022. They have also targeted Australian critical infrastructure sectors in addition to professional services and property development. The group gains access to victim systems through valid Remote Desktop Protocol (RDP) credentials, use open-source tools and command-line scripting for discovery and credential harvesting, a
