

BianLian ransomware is a Golang malware that performed targeted attacks across multiple industries in 2022. The ransomware employs anti-analysis techniques consisting of API calls that would likely crash some sandboxes and automated analysis systems. The malware targets all drives identified on the machine and deletes itself after the encryption is complete.
The files are encrypted using the AES-256 algorithm (Golang package AES). Unlike other ransomware families, the AES key is not encrypted with a public key and is not stored in the encrypted files. We believe that decryption is possible by recovering the ransomware encryptor using forensics tools. The extension of the encrypted files is changed to “.bianlian”.