FBI Warning: Scammers Impersonating BianLian Ransomware Gang

The Federal Bureau of Investigation (FBI) has issued a warning regarding scammers who are impersonating the BianLian ransomware gang. These scammers are sending fake ransom notes to corporate executives in the United States.

Details of the Scam

The fake ransom notes, which were first reported by GuidePoint Security, a U.S. cybersecurity company, claim that hackers have gained access to an organization’s network and have stolen sensitive data. The notes threaten to publish the stolen data unless a ransom is paid. This is a common tactic used by ransomware gangs to extort money from their victims.

Demands and Methods

According to the FBI, the scammers are demanding ransom payments ranging from $250,000 to $500,000. The ransom notes include a QR code linked to a Bitcoin wallet, which is used to receive the ransom payments. The notes also have a return address listed as an office building in Boston, Massachusetts, and claim to be from the BianLian ransomware gang.

Background on BianLian Ransomware Gang

The BianLian ransomware gang, which has been linked to Russia, was the subject of a warning issued by the Cybersecurity and Infrastructure Security Agency (CISA) in November last year. The warning stated that the group had targeted multiple U.S. critical infrastructure sectors since June 2022.

Targeted Sectors and Victims

It is not known how many individuals have been targeted by this scam, and the FBI has not named any known victims. However, cybersecurity firm Arctic Wolf reports that the letters have primarily been sent to executives in the U.S. healthcare sector.

Investigation and Findings

The FBI has stated that it has not identified any connections between the individuals sending the ransom notes and the actual BianLian ransomware gang. This suggests that the scam may be the work of unrelated individuals or groups attempting to capitalize on the notoriety of the BianLian gang.