BianLian
Malware
Threat Actor Group
Aliases: Argonauts
Description
BianLian is a ransomware group that has been active since at least 2022, primarily targeting the healthcare and manufacturing sectors in the United States and Europe. The group is known for its use of a double extortion scheme, where they encrypt victims' data and threaten to publish it if a ransom is not paid. However, BianLian has recently shifted to an extortion-only model, focusing on data theft and extortion without encryption. The group shares a customized tool with the Makop ransomware group, suggesting a potential connection between the two. Bianlian is now operating as Argonauts.
Targets
- Windows
- Healthcare
- Manufacturing
Domains
95
IPv4 Addresses
2342
Last updated 2025-11-08T20:21:04Z
View DNS history, indicators, and additional details with a free community account.
Use your professional email to create your Validin community account.
Already have an account? Sign in