Summary: 2025/05/06 11:20
First reported date: 2018/10/01
Inquiry period : 2025/05/05 11:20 ~ 2025/05/06 11:20 (1 days), 1 search results
지난 7일 기간대비 신규 트렌드를 보이고 있습니다.
악성코드 유형 WannaCry BianLian BlackCat WannaCryptor ShadowPad PlugX Ransomware BlackSuit LockBit RedCurl 도 새롭게 확인됩니다.
공격기술 Campaign 도 새롭게 확인됩니다.
기관 및 기업 Check Point Fortinet Paloalto Taiwan China Microsoft United States 도 새롭게 확인됩니다.
기타 EDR Palo Alto 팔로알토 MimiKatz KillAV 등 신규 키워드도 확인됩니다.
BianLian is a GoLang-based ransomware that continues to breach several industries and demand large ransom amounts. The threat actors also use the double extortion method by stealing an affected organization’s files and leaking them online if the ransom is not paid on time. BianLian gains access to victim systems through valid Remote Desktop Protocol (RDP) credentials, uses open-source tools and command-line scripting for discovery and credential harvesting, and exfiltrates victim data via File Transfer Protocol (FTP), Rclone, or Mega. BianLian originally employed a double-extortion model in which they encrypted victims’ systems after exfiltrating the data; however, around January 2023, they shifted to primarily exfiltration-based extortion. The BianLian ransomware uses goroutines and encrypts files in chunks to quickly hijack an infected system. The ransomware adds its own extension to each encrypted file. Ref.
* 최근 뉴스기사 Top3:
ㆍ 2025/05/06 Ransomware Tool Matrix Project Updates: May 2025
참고로 동일한 그룹의 악성코드 타입은 WannaCry Sodinokibi Phobos 등 79개 종이 확인됩니다.
Trend graph by period
Related keyword cloud
Top 100| # | Trend | Count | Comparison |
|---|---|---|---|
| 1 | WannaCry | 1 | ▲ new |
| 2 | EDR | 1 | ▲ new |
| 3 | BianLian | 1 | ▲ new |
| 4 | Check Point | 1 | ▲ new |
| 5 | BlackCat | 1 | ▲ new |
| 6 | WannaCryptor | 1 | ▲ new |
| 7 | Fortinet | 1 | ▲ new |
| 8 | Palo Alto | 1 | ▲ new |
| 9 | 팔로알토 | 1 | ▲ new |
| 10 | Paloalto | 1 | ▲ new |
| 11 | ShadowPad | 1 | ▲ new |
| 12 | PlugX | 1 | ▲ new |
| 13 | MimiKatz | 1 | ▲ new |
| 14 | KillAV | 1 | ▲ new |
| 15 | Ransomware | 1 | ▲ new |
| 16 | RTM | 1 | ▲ new |
| 17 | BlackSuit | 1 | ▲ new |
| 18 | Zero Trust | 1 | ▲ new |
| 19 | Taiwan | 1 | ▲ new |
| 20 | China | 1 | ▲ new |
| 21 | Microsoft | 1 | ▲ new |
| 22 | Victim | 1 | ▲ new |
| 23 | United States | 1 | ▲ new |
| 24 | Campaign | 1 | ▲ new |
| 25 | Report | 1 | ▲ new |
| 26 | Malware | 1 | ▲ new |
| 27 | LockBit | 1 | ▲ new |
| 28 | Vulnerability | 1 | ▲ new |
| 29 | RedCurl | 1 | ▲ new |
Special keyword group
Top 5
Malware Type
This is the type of malware that is becoming an issue.
| Keyword | Average | Label |
|---|---|---|
| WannaCry |
|
1 (10%) |
| BianLian |
|
1 (10%) |
| BlackCat |
|
1 (10%) |
| WannaCryptor |
|
1 (10%) |
| ShadowPad |
|
1 (10%) |
Attacker & Actors
The status of the attacker or attack group being issued.
No data.
Technique
This is an attack technique that is becoming an issue.
| Keyword | Average | Label |
|---|---|---|
| Campaign |
|
1 (100%) |
Country & Company
This is a country or company that is an issue.
| Keyword | Average | Label |
|---|---|---|
| Check Point |
|
1 (14.3%) |
| Fortinet |
|
1 (14.3%) |
| Paloalto |
|
1 (14.3%) |
| Taiwan |
|
1 (14.3%) |
| China |
|
1 (14.3%) |
Malware Family
Top 5
A malware family is a group of applications with similar attack techniques.
In this trend, it is classified into Ransomware, Stealer, RAT or Backdoor, Loader, Botnet, Cryptocurrency Miner.
Threat info
Last 5SNS
(Total : 0)No data.
News
(Total : 1)WannaCry EDR BianLian Check Point BlackCat WannaCryptor Fortinet Paloalto ShadowPad PlugX MimiKatz KillAV Ransomware RTM BlackSuit Zero Trust Taiwan China Microsoft Victim United States Campaign Report Malware LockBit Vulnerability RedCurl
| No | Title | Date |
|---|---|---|
| 1 | Ransomware Tool Matrix Project Updates: May 2025 - Malware.News | 2025.05.06 |
Additional information
| No | Title | Date |
|---|---|---|
| 1 | Ransomware Tool Matrix Project Updates: May 2025 - Malware.News | 2025.05.06 |
| 2 | Signal Clone Used by Mike Waltz Pauses Service After Reports It Got Hacked - Security Latest- WIRED | 2025.05.06 |
| 3 | Palantir Sales Forecast Falls Short of Wall Street’s High Hopes - Bloomberg Technology | 2025.05.06 |
| 4 | Modernizing IT Operations with AIOPS: A Comprehensive Guide - Malware.News | 2025.05.06 |
| 5 | A Timely Reminder: Russia’s Enduring Cyber Threat to Critical Infrastructure - Malware.News | 2025.05.06 |
| View only the last 5 | ||
| No | Title | Date |
|---|---|---|
| 1 | Ransomware Tool Matrix Project Updates: May 2025 - Malware.News | 2025.05.06 |
| 2 | Ransomware Tool Matrix Project Updates: May 2025 - Malware.News | 2025.05.06 |
| 3 | Ransomware Tool Matrix Project Updates: May 2025 - Malware.News | 2025.05.06 |
| 4 | Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks - The Hacker News | 2025.03.27 |
| 5 | Shifting the sands of RansomHub’s EDRKillShifter - Malware.News | 2025.03.27 |
| View only the last 5 | ||
| No | URL | CC | ASN Co | Reporter | Date |
|---|---|---|---|---|---|
| 1 | https://files-ld.s3.us-east-2.amazonaws.com/NBA+2k23.zip BianLian Ransomware | US  | AMAZON-02 | skocherhan | 2025.03.05 |