BianLian attacks Neutronic Stamping
Incident Date:
May 30, 2023
Overview
Title
BianLian attacks Neutronic Stamping
Victim
Neutronic Stamping
Attacker
Bianlian
Location
First Reported
May 30, 2023
Neutronic Stamping and Plating Hit by Ransomware Attack
Neutronic Stamping and Plating, an US-based electronics manufacturer, has been hit with a ransomware attack. BianLian ransomware group has taken responsibility for the incident, posting Neutronic Stamping to its dark web blog page. The group claims to have stolen 480GB of company information including: HR data, Accounting data, Production data, Financial data, SQL databases, and Post archives.
BianLian uploaded Neutronic Stamping to its dark web blog page on May 30, but Neutronic Stamping is yet to confirm the attack. Founded in 1975, Neutronic Stamping and Plating manufactures high-quality electric contacts, pins and lead-frames. It has two sites, both in Fountain Valley, California. It serves the Automotive, Consumer Electronics, Telecom, Defense, and Medical Industries, both in North America and globally.
About BianLian Ransomware Gang
BianLian ransomware gang, which first appeared in June 2022, is a ransomware developer, deployer, and data extortion cybercriminal group. It primarily targets US critical infrastructure but has also attacked professional services, property development, and Australian critical infrastructure sectors.
The ransomware group leverages Remote Desktop Protocol (RDP) credentials to gain access to victims’ systems, using open-source tools and command-line scripting for discovery and credential harvesting, and finally exfiltrating victim data via File Transfer Protocol (FTP), Rclone, or Mega. BianLian then hold organizations to ransom, threating to release the stolen data if the victim fails to pay up.
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.