Description

BianLian is a ransomware group that has been active since at least 2022, primarily targeting the healthcare and manufacturing sectors in the United States and Europe. The group is known for its use of a double extortion scheme, where they encrypt victims' data and threaten to publish it if a ransom is not paid. However, BianLian has recently shifted to an extortion-only model, focusing on data theft and extortion without encryption. The group shares a customized tool with the Makop ransomware group, suggesting a potential connection between the two. Bianlian is now operating as Argonauts.