The Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3) has released an alert warning of a scam involving criminal actors masquerading as the βBianLian Group.β The cyber criminals target corporate executives by sending extortion letters threatening to release victimsβ sensitive information unless payment is received.
Stamped βTime Sensitive Read Immediatelyβ, the letter claims the βBianLian Groupβ gained access into the organizationβs network and stole thousands of sensitive data files. The letter then goes on to threaten that the victimβs data will be published to BianLianβs data leak sites if recipients do not use an included QR code linked to a Bitcoin wallet to pay between $250,000 and $500,000 within ten days from receipt of the letter, claiming the group will not negotiate further with victims.
The FBI states that the letters are an attempt to scam organizations into paying a ransom. The letter contains a U.S.-based return address of βBianLian Groupβ originating from Boston, Massachusetts. No connections have been made between the senders and the widely-publicized BianLian ransomware and data extortion group.
The FBI offers the following guidance on protecting your organization from these scams:
- Notify corporate executives and the organization of the presence of the scam.
- Ensure employees are educated on what to do if they receive a ransom threat.
- If you or your organization receive one of these letters, ensure your network defenses are up to date and that there are no active alerts regarding malicious activity.
- If you discover you are a victim of BianLian ransomware, visit the Joint Cybersecurity Awareness Bulletin for recent tactics, techniques, and procedures and indicators of compromise to help organizations protect against ransomware.
