Summary: 2025/05/07 21:29
First reported date: 2018/10/01
Inquiry period : 2025/04/07 21:28 ~ 2025/05/07 21:28 (1 months), 1 search results
전 기간대비 -900% 낮은 트렌드를 보이고 있습니다.
악성코드 유형 WannaCry BlackCat WannaCryptor ShadowPad PlugX BlackSuit LockBit RedCurl 도 새롭게 확인됩니다.
기관 및 기업 Fortinet Paloalto Taiwan China 도 새롭게 확인됩니다.
기타 Palo Alto 팔로알토 MimiKatz KillAV RTM 등 신규 키워드도 확인됩니다.
BianLian is a GoLang-based ransomware that continues to breach several industries and demand large ransom amounts. The threat actors also use the double extortion method by stealing an affected organization’s files and leaking them online if the ransom is not paid on time. BianLian gains access to victim systems through valid Remote Desktop Protocol (RDP) credentials, uses open-source tools and command-line scripting for discovery and credential harvesting, and exfiltrates victim data via File Transfer Protocol (FTP), Rclone, or Mega. BianLian originally employed a double-extortion model in which they encrypted victims’ systems after exfiltrating the data; however, around January 2023, they shifted to primarily exfiltration-based extortion. The BianLian ransomware uses goroutines and encrypts files in chunks to quickly hijack an infected system. The ransomware adds its own extension to each encrypted file. Ref.
* 최근 뉴스기사 Top3:
ㆍ 2025/05/06 Ransomware Tool Matrix Project Updates: May 2025
참고로 동일한 그룹의 악성코드 타입은 WannaCry Sodinokibi Phobos 등 79개 종이 확인됩니다.
Trend graph by period
Related keyword cloud
Top 100| # | Trend | Count | Comparison |
|---|---|---|---|
| 1 | WannaCry | 1 | ▲ new |
| 2 | EDR | 1 | ▼ -1 (-100%) |
| 3 | BianLian | 1 | ▼ -9 (-900%) |
| 4 | Check Point | 1 | - 0 (0%) |
| 5 | BlackCat | 1 | ▲ new |
| 6 | WannaCryptor | 1 | ▲ new |
| 7 | Fortinet | 1 | ▲ new |
| 8 | Palo Alto | 1 | ▲ new |
| 9 | 팔로알토 | 1 | ▲ new |
| 10 | Paloalto | 1 | ▲ new |
| 11 | ShadowPad | 1 | ▲ new |
| 12 | PlugX | 1 | ▲ new |
| 13 | MimiKatz | 1 | ▲ new |
| 14 | KillAV | 1 | ▲ new |
| 15 | Ransomware | 1 | ▼ -7 (-700%) |
| 16 | RTM | 1 | ▲ new |
| 17 | BlackSuit | 1 | ▲ new |
| 18 | Zero Trust | 1 | ▲ new |
| 19 | Taiwan | 1 | ▲ new |
| 20 | China | 1 | ▲ new |
| 21 | Microsoft | 1 | - 0 (0%) |
| 22 | Victim | 1 | ▼ -3 (-300%) |
| 23 | United States | 1 | ▼ -3 (-300%) |
| 24 | Campaign | 1 | - 0 (0%) |
| 25 | Report | 1 | ▼ -2 (-200%) |
| 26 | Malware | 1 | ▼ -3 (-300%) |
| 27 | LockBit | 1 | ▲ new |
| 28 | Vulnerability | 1 | - 0 (0%) |
| 29 | RedCurl | 1 | ▲ new |
Special keyword group
Top 5
Malware Type
This is the type of malware that is becoming an issue.
| Keyword | Average | Label |
|---|---|---|
| WannaCry |
|
1 (10%) |
| BianLian |
|
1 (10%) |
| BlackCat |
|
1 (10%) |
| WannaCryptor |
|
1 (10%) |
| ShadowPad |
|
1 (10%) |
Attacker & Actors
The status of the attacker or attack group being issued.
No data.
Technique
This is an attack technique that is becoming an issue.
| Keyword | Average | Label |
|---|---|---|
| Campaign |
|
1 (100%) |
Country & Company
This is a country or company that is an issue.
| Keyword | Average | Label |
|---|---|---|
| Check Point |
|
1 (14.3%) |
| Fortinet |
|
1 (14.3%) |
| Paloalto |
|
1 (14.3%) |
| Taiwan |
|
1 (14.3%) |
| China |
|
1 (14.3%) |
Malware Family
Top 5
A malware family is a group of applications with similar attack techniques.
In this trend, it is classified into Ransomware, Stealer, RAT or Backdoor, Loader, Botnet, Cryptocurrency Miner.
Threat info
Last 5SNS
(Total : 0)No data.
News
(Total : 1)WannaCry EDR BianLian Check Point BlackCat WannaCryptor Fortinet Paloalto ShadowPad PlugX MimiKatz KillAV Ransomware RTM BlackSuit Zero Trust Taiwan China Microsoft Victim United States Campaign Report Malware LockBit Vulnerability RedCurl
| No | Title | Date |
|---|---|---|
| 1 | Ransomware Tool Matrix Project Updates: May 2025 - Malware.News | 2025.05.06 |
Additional information
| No | Title | Date |
|---|---|---|
| 1 | Startup SimpleClosure Sees Boom In Giving Fellow Startups ‘Peace of Mind’ to Die - Bloomberg Technology | 2025.05.07 |
| 2 | Nitrogen Ransomware Exposed: How ANY.RUN Helps Uncover Threats to Finance - Malware.News | 2025.05.07 |
| 3 | Uber Posts Quarterly Bookings Miss as Rideshare Growth Slows - Bloomberg Technology | 2025.05.07 |
| 4 | State of the Underground 2025: Key Trends Shaping Cyber Risk Today - Malware.News | 2025.05.07 |
| 5 | State of ransomware in 2025 - Malware.News | 2025.05.07 |
| View only the last 5 | ||
| No | Title | Date |
|---|---|---|
| 1 | Ransomware Tool Matrix Project Updates: May 2025 - Malware.News | 2025.05.06 |
| 2 | Ransomware Tool Matrix Project Updates: May 2025 - Malware.News | 2025.05.06 |
| 3 | Ransomware Tool Matrix Project Updates: May 2025 - Malware.News | 2025.05.06 |
| 4 | Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks - The Hacker News | 2025.03.27 |
| 5 | Shifting the sands of RansomHub’s EDRKillShifter - Malware.News | 2025.03.27 |
| View only the last 5 | ||
| No | URL | CC | ASN Co | Reporter | Date |
|---|---|---|---|---|---|
| 1 | https://files-ld.s3.us-east-2.amazonaws.com/NBA+2k23.zip BianLian Ransomware | US  | AMAZON-02 | skocherhan | 2025.03.05 |