Ransomware Attack on Dragon Tax & Management Inc. by BianLian

Overview

Dragon Tax & Management Inc.'s website, dragontaxmanagement.com, was infiltrated by BianLian, resulting in the exfiltration of 334 GB of sensitive data. This included financials, client records, HR data, PII, contracts, agreements, and email correspondence. The attack highlights the severe impact ransomware groups like BianLian can have on organizations.

Victim Company Profile

Dragon Tax & Management Inc. is a premier full-service tax and management firm located in California's Bay Area. They offer comprehensive financial, tax, and management services to individuals and businesses. Additionally, they provide IRS representation and tax resolution services for clients facing tax issues. The company also has a support office in Manila, Philippines, providing accounting, tax services, bookkeeping, and business consulting services.

Company Size and Industry Standing

The company operates in the Business Services sector, specializing in tax preparation, planning, bookkeeping, payroll services, and financial management. Their standout feature is their comprehensive range of services that cater to both individual and business clients, setting them apart in the industry.

Ransomware Group BianLian's Tactics

BianLian is a sophisticated ransomware group known for targeting high-profile businesses globally. They have evolved from initial banking trojan operations to advanced ransomware attacks, focusing on sectors with sensitive data and financial capacity. BianLian gains access through compromised RDP credentials, implanting custom backdoors, and employing various tools for data exfiltration and extortion.

Sources

• Dragon Tax & Management Inc. Website
• BianLian Threat Actor Profile
• CISA Cybersecurity Advisory
• Palo Alto Networks Threat Assessment