At a glance.
- BianLian gang’s pivot.
- HinataBot: a Go-based threat.
- US Social Security Administration impersonated in attempted vishing attacks.
- BlackSnake in the RaaS criminal market.
- More Silicon Valley Bank-themed phishing.
- Russian operators exploit an Outlook vulnerability.
BianLian gang’s pivot.
Researchers from security firm [redacted] say the ransomware gang BianLian has shifted its primary focus to data theft extortion rather than encryption. As part of this pivot, the gang has been putting more effort into tailoring their ransom notes to specific victims:
“In several instances, BianLian made reference to legal and regulatory issues a victim would face were it to become public that the organization had suffered a breach. The group has also gone so far as to include specific references to the subsections of several laws and statutes. While the applicability of the laws (to the victim and their data) referenced by BianLian would need to be assessed by the courts, at first glance, the laws referenced by the actors did in fact correspond to the jurisdiction where the victim was located.”