The FBI has warned about scammers posing as the BianLian ransomware gang, sending fraudulent ransom letters to corporate executives in the United States.
According to GuidePoint Security, these fake ransom notes claim that hackers have infiltrated an organization’s network and stolen sensitive data. The scammers then demand payment, threatening to release the compromised information if the ransom is not met.
The FBI reports that the fraudsters are demanding between $250,000 and $500,000, providing a QR code linked to a Bitcoin wallet for payment. The letters also list a return address in Boston, Massachusetts, and falsely claim to be from the notorious BianLian ransomware group.
Although BianLian—an extortion group with links to Russia—has been on the FBI and CISA’s radar for targeting critical U.S. infrastructure since mid-2022, there is no evidence that the actual group is involved in these scams. The FBI has not identified any connections between the senders of these fraudulent ransom letters and the real BianLian gang.
Reports indicate that executives in the U.S. healthcare sector have been the primary targets, though the full scope of the scam remains unclear.
