BianLian attacks Neutronic Stamping

Incident Date:

May 30, 2023

World map

Overview

Title

BianLian attacks Neutronic Stamping

Victim

Neutronic Stamping

Attacker

Bianlian

Location

Corona, USA

CA, USA

First Reported

May 30, 2023

Neutronic Stamping and Plating Hit by Ransomware Attack

Neutronic Stamping and Plating, an US-based electronics manufacturer, has been hit with a ransomware attack. BianLian ransomware group has taken responsibility for the incident, posting Neutronic Stamping to its dark web blog page. The group claims to have stolen 480GB of company information including: HR data, Accounting data, Production data, Financial data, SQL databases, and Post archives.

BianLian uploaded Neutronic Stamping to its dark web blog page on May 30, but Neutronic Stamping is yet to confirm the attack. Founded in 1975, Neutronic Stamping and Plating manufactures high-quality electric contacts, pins and lead-frames. It has two sites, both in Fountain Valley, California. It serves the Automotive, Consumer Electronics, Telecom, Defense, and Medical Industries, both in North America and globally.

About BianLian Ransomware Gang

BianLian ransomware gang, which first appeared in June 2022, is a ransomware developer, deployer, and data extortion cybercriminal group. It primarily targets US critical infrastructure but has also attacked professional services, property development, and Australian critical infrastructure sectors.

The ransomware group leverages Remote Desktop Protocol (RDP) credentials to gain access to victims’ systems, using open-source tools and command-line scripting for discovery and credential harvesting, and finally exfiltrating victim data via File Transfer Protocol (FTP), Rclone, or Mega. BianLian then hold organizations to ransom, threating to release the stolen data if the victim fails to pay up.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.