Been hit by BianLian ransomware? Here’s your get-out-of-jail-free card

Cybersecurity firm Avast has released a free decryptor for victims of BianLian – an emerging ransomware threat that came into the public eye last year.

Victims of BianLian are found in such industries as healthcare, manufacturing, energy, and financial services. Affected parties can download the decryptor to recover their encrypted data – though there could be challenges, according to the Avast researchers.

The operators behind BianLian are among a growing number of ransomware groups using newer programming languages – in this case Go, but others also are turning to Rust – to make the malware difficult to detect, get around endpoint protection tools, and use concurrency capabilities to enable multiple computations to run at the same time.

The concurrency feature enables BianLian to encrypt the data quickly, according to a report by BlackBerry in October 2022. In addition, the ransomware deletes itself after the encryption is complete, Avast researchers wrote in their report. And therein lies the problem.

“The decryptor can only restore files encrypted by a known variant of the BianLian ransomware,” they wrote. “For new victims, it may be necessary to find the ransomware binary on the hard drive; however, because the ransomware deletes itself after encryption, it may be difficult to do so.”

They also recommended looking for .EXE files in folders like %temp%, Documents and Pictures that don’t normally contain executables, and checking the antivirus software’s virus vault. The BianLian executable is about 2MB in size.
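
The search described above can be scripted. The following PowerShell is an added example, not code from Avast's report: it lists .exe files in those three folders whose size is near the reported 2MB and notes whether each carries the Go toolchain's build ID string. The 1.5-2.5 MB window and the Go marker heuristic are assumptions made for this example.

```powershell
# Added example, not from Avast's report. Read-only: it lists files and changes nothing.
# Assumptions: the 1.5-2.5 MB window around "about 2MB", and the Go marker heuristic.
$minBytes = 1.5MB
$maxBytes = 2.5MB

# Folders named in the article, resolved for the current user.
$folders = @(
    $env:TEMP
    [Environment]::GetFolderPath('MyDocuments')
    [Environment]::GetFolderPath('MyPictures')
) | Where-Object { $_ -and (Test-Path -LiteralPath $_) }

$latin1 = [System.Text.Encoding]::GetEncoding(28591)  # one byte maps to one char
$sha256 = [System.Security.Cryptography.SHA256]::Create()

$candidates = foreach ($folder in $folders) {
    Get-ChildItem -LiteralPath $folder -Filter *.exe -File -Recurse -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.Extension -eq '.exe' -and $_.Length -ge $minBytes -and $_.Length -le $maxBytes } |
        ForEach-Object {
            $file = $_
            $hash = $null
            $goMarker = $null
            try {
                $bytes = [System.IO.File]::ReadAllBytes($file.FullName)
                $hash = [BitConverter]::ToString($sha256.ComputeHash($bytes)).Replace('-', '')
                # Binaries built with the Go toolchain normally embed this string.
                # Its absence does not clear a file; a packed sample may hide it.
                $goMarker = $latin1.GetString($bytes).Contains('Go build ID:')
            } catch {
                # Locked or unreadable file: still report it, without hash or marker.
            }
            [pscustomobject]@{
                Path          = $file.FullName
                SizeMB        = [math]::Round($file.Length / 1MB, 2)
                LastWriteTime = $file.LastWriteTime
                GoBuildId     = $goMarker
                SHA256        = $hash
            }
        }
}
$sha256.Dispose()

# Newest first, so recent arrivals are reviewed before older files.
$candidates | Sort-Object LastWriteTime -Descending | Format-List
```

The script only reads files; candidates stay where they are so that a match can be handed to the decryptor.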

