A Sure-Fire Short Selling Tactic

The FBI warns that the BianLian ransomware gang has evolved a new method of monetizing hacks after a targeted ransomware decryptor was released. “BianLian group originally employed a double-extortion model in which they encrypted victims’ systems after exfiltrating the data,” according to a May 16 joint release by the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Australian Cyber Security Centre. “However, around January 2023, they shifted to primarily exfiltration-based extortion.” The gang’s entry is customized for each victim. It enables the installation of remote management tools, activates administrator accounts and changes their passwords. In response, a cybersecurity expert says establishing clear retention guidelines according to the principle that unencrypted data is a liability, not an asset. Like other ransom gangs, BrianLian will also short-trade the stock of a victim before leaking the data, a crime called “shoxing.”