BianLian ransomware gang targets Save the Children International | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

BianLian ransomware gang targets Save the Children International

Infamous ransomware operator BianLian has cryptically boasted about exfiltrating nearly seven terabytes of data from “the world’s leading nonprofit organisation”, according to its darknet leak site.

Unlike many similar gangs, BianLian likes people to play a guessing game to work out who it has targeted. It posts somewhat redacted versions of its victims on its leak site, but there is often enough context to make a strong guess.

In this case, BianLian’s claiming to have 6.8 terabytes of data belonging to:

**** **e ******e* ***e*********

“The world’s leading nonprofit organisation,” BianLian’s leak posts goes on to add, “employing around 25,000 staff and operating in 116 countries.”

It doesn’t take a sleuth to work out the missing letters, nor much research to match those numbers to the more than 100-year-old charity.

“With 25,000 dedicated staff across 116 countries,” Save the Children says on its own website, “we respond to major emergencies, deliver innovative development programmes, and ensure children’s voices are heard through our campaigning to build a better future for and with children.”

BianLian says it has information pertaining to human resources, medical information, emails, and more than 800 gigabytes of financial data.

To use a common phrase, this can simply be summed up as a dog act.

BianLian has not posted how much they are hoping to extort for the data, or when it will be published.

The ransomware gang – named after a form of traditional Chinese performance – made news this year when it switched its tactics from traditional encryption operations to outright extortion. After a free decryptor for its ransomware was released earlier in 2023, it stopped encrypting its targets, instead exfiltrating data wholesale and threatening to post it online if no payment is received.

“In 2023, FBI observed BianLian shift to primarily exfiltration-based extortion with victims’ systems left intact, and ACSC observed BianLian shift exclusively to exfiltration-based extortion,” a joint advisory read at the time. “BianLian actors warn of financial, business, and legal ramifications if payment is not made.”

And while many ransomware operators say they stay away from certain targets, such as healthcare, religious, and charity organisations, BianLian has no such qualms.

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

BianLian ransomware gang targets Save the Children International


cybersecurity logo

Last Updated: 12 September 2023

Published: 12 September 2023


Click Here For The Original Source.

National Cyber Security