Skip to content

Novel PowerShell Backdoor Discovered By GuidePoint Security

Posted by:
< 1 min read

March 10, 2024 – Published on IT Nerd

GuidePoint Security has revealed its first encounter with BianLian’s PowerShell backdoor – the first encounter in 2024 to be reported publicly thus far.

GuidePoint Security’s Research and Intelligence Team (GRIT) discovered malicious activity while responding to an incident that began with the exploitation of TeamCity vulnerabilities for initial access, resulting in deploying a novel implementation of a PowerShell backdoor.

Through their analysis, GuidePoint Security ultimately identified the threat actor group behind the attack and provided highly confident attribution to the BianLian ransomware group.

Read More HERE.

Categories: Incident Response & Threat Intelligence
Tags:GRITransomware

GuidePoint Security

BianLian GOs for PowerShell After TeamCity Exploitation
Contributors: Justin Timothy, Threat Intelligence Consultant, Gabe Renfro, DFIR Advisory Consultant, Keven Murphy, DFIR Principal Consultant Introduction Ever since Avast […]
View Page

Related Articles

View All

  • Threat Advisory
BianLian GOs for PowerShell After TeamCity Exploitation
Posted by: Drew Schmitt
Read More 9 min read
  • Incident Response & Threat Intelligence
A Review: 2023 Annual GRIT Ransomware Report
Read More < 1 min read
  • Incident Response & Threat Intelligence
GRIT Ransomware Annual Report 2023 (Q1-Q4)
Read More 2 min read