HackRead reports that intrusions with fake invoice or budget SVG images have been launched by the BianLian ransomware operation against organizations across Venezuela as part of a new attack campaign.BianLian has distributed phishing emails with SVG files with concealed XML code, which facilitates a connection with an external URL to download an illicit artifact to the targeted system upon opening, according to a WatchGuard analysis. Attacks also involved the exploitation of the ja.cat service for link shortening that enabled traffic redirection to several hacked Brazilian domains and the eventual delivery of a clandestine Go-based Windows program, which not only tracks the usage of the Wine analysis tool but also scans for GODEBUG and other internal settings, while also leveraging high-speed AES encryption.Organizations have been urged to defend their systems by immediately blocking several suspicious domains. Such a development comes after a similar attack campaign with fraudulent judicial portals was launched against Colombia.
Ransomware, Email security
Illicit SVG images harnessed by BianLian ransomware gang

An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



