"BianLian, White Rabbit, and Mario Ransomware Gangs Spotted in a Joint Campaign"
Resecurity has discovered a meaningful link between the three major ransomware groups known as BianLian, White Rabbit, and Mario. The groups were found working together in a joint extortion campaign targeting publicly traded financial services companies. Resecurity shared a list of IP addresses associated with the joint attack. Multiple Residential IP Proxies in the APAC region were used in the attack. To further complicate the investigation, the malicious actors applied Business Email Compromise (BEC) as a vector to deliver their ransom payment demands anonymously by using compromised email accounts belonging to other organizations. This article continues to discuss the findings regarding the link between the three major ransomware groups.
Submitted by grigby1