FBI says scammers are targeting US executives with fake BianLian ransom notes

The FBI is warning that scammers are impersonating the BianLian ransomware gang using fake ransom notes sent to U.S. corporate executives.

The fake ransom notes, first reported by U.S. cybersecurity company GuidePoint Security, claim that hackers have gained access to an organization’s network to steal sensitive data, and threaten to publish the stolen data unless a ransom demand is paid. 

The scammers are demanding between $250,000 and $500,000, according to the FBI, which says the letter includes a QR code linked to a Bitcoin wallet. The notes have a return address to an office building in Boston, Massachusetts, and claim to be from the BianLian ransomware gang.

The Russia-linked BianLian gang was the subject of a CISA alert in November last year, which warned that the group had targeted multiple U.S. critical infrastructure sectors since June 2022.

It’s not known how many individuals have been targeted by this scam, and the FBI hasn’t named any known victims. Cybersecurity firm Arctic Wolf reports that the letters have primarily been sent to executives in the U.S. healthcare sector. 

The FBI says it has not identified any connections between the individuals sending the ransom notes and BianLian.