Scammers Use Fake BianLian Ransom Notes in Postal Mail Extortion Scheme

Letters sent to U.S. executives falsely claim network breaches, demanding up to $500,000 in Bitcoin payments.

Cybercriminals are mailing fraudulent ransom letters to U.S. company executives, falsely claiming to represent the BianLian ransomware group.
The letters allege stolen sensitive data and demand Bitcoin payments ranging from $250,000 to $500,000 within ten days to avoid data leaks.
Investigations by GuidePoint Security and Arctic Wolf confirm no evidence of actual network breaches or ransomware activity in the targeted organizations.
The letters include QR codes for Bitcoin wallets and legitimate Tor links to BianLian's leak site to enhance credibility, but researchers assess the claims as illegitimate.
Recipients are advised to report the scam to law enforcement and avoid engaging with the letters, which are part of a broader evolution of extortion tactics.