BianLian
BianLian is a cybercriminal ransomware group, presumably based in Russia, which has targeted Critical National Infrastructure in the US and private enterprises in Australia and the UK since June 2022,
specializing since 2023 in encryption-based extortion. Valid Remote Desktop Protocol credentials are used to gain access to systems.
On 20 November 2024, FBI, United States’ Cyber Security and Infrastructure Security Agency and the Australian Cyber Security Centre released a joint security advisory concerning the BianLian group. Such has been its noterierty that on 6 March 2025 the FBI and its Internet Crime Complaint Center issued an advisory bulletin about unknown actors claiming to be BianLian.