์œ„ํ˜‘ ํ‰๊ฐ€ : Bianlian

๐Ÿ’Œ ๋ณด์•ˆ ์†Œ์‹
1

์œ„ํ˜‘ ํ‰๊ฐ€ : Bianlian

Unit 42 ์—ฐ๊ตฌ์›๋“ค์€ ๋ˆ„์ถœ ์‚ฌ์ดํŠธ ๋ฐ์ดํ„ฐ๋ฅผ ๊ธฐ๋ฐ˜์œผ๋กœ Bianlian Ransomware Group์„ ์ถ”์ ํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์ด ๊ทธ๋ฃน์€ ๋ฏธ๊ตญ๊ณผ ์œ ๋Ÿฝ์˜ ์กฐ์ง์— ์˜ํ–ฅ์„ ๋ฏธ์น˜๋ฉฐ, Makop Ransomware Group๊ณผ ๊ณตํ†ต ๋„๊ตฌ๋ฅผ ๊ณต์œ ํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์ตœ๊ทผ์—๋Š” ๋ฐ์ดํ„ฐ๋ฅผ ํ›”์น˜๊ธฐ ์ „์— ํ”ผํ•ด์ž์—๊ฒŒ ๋™๊ธฐ๋ฅผ ๋ถ€์—ฌํ•˜๊ธฐ ์œ„ํ•ด ์ด์ค‘ ๊ฐ•ํƒˆ ๋ฐฉ์‹์—์„œ ์•”ํ˜ธํ™” ์—†์ด ๊ฐ•ํƒˆ์— ์ด๋™ํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค.

Threat Assessment: BianLian

Unit 42 researchers are tracking Bianlian Ransomware Group based on leak site data.The group affects organizations in the United States and Europe and shares common tools with Makop Ransomware Group.Recently, in order to motivate the victim before stealing the data, he is moving to the robber without encryption in the double robbery method.

https://unit42.paloaltonetworks.com/bianlian-ransomware-group-threat-assessment/