Skip to content

Scammers Mailing Ransom Letters While Posing as BianLian Ransomware

Posted by: GuidePoint Security

< 1 min read

March 4, 2025 – Published on Hackread

GuidePoint Security’s Senior Threat Intelligence Analyst, Grayson North, has discovered a peculiar trend in the corporate sector in which executives at various organizations began receiving physical letters delivered via the US Postal Service.

In March 2025, the GuidePoint Research and Intelligence Team (GRIT) received reports of suspicious physical letters from the BianLian ransomware group, claiming that the recipient’s corporate IT network had been compromised and sensitive data had been stolen. The letters were delivered via mail from US addresses.

These senders demanded substantial ransom payments, ranging from $250,000 to $350,000, to a Bitcoin wallet address provided, with a threat of data leakage if payment was not received within ten days.

The letters mimicked the format of traditional digital ransomware notes, including QR codes for easy Bitcoin transfers and Tor links to BianLian’s data leak site on the Dark Web. However, cybersecurity analysts at GuidePoint Security quickly identified numerous inconsistencies that cast doubt on the legitimacy of these claims.

Read More HERE.

Categories: Incident Response & Threat Intelligence
Tags:GRITransomware

GuidePoint Security

Snail Mail Fail: Fake Ransom Note Campaign Preys on Fear
In early March 2025, GRIT received reports from multiple organizations regarding suspicious physical letters delivered by mail from US addresses […]
View Page

Related Articles

View All

  • GRIT Blog
Snail Mail Fail: Fake Ransom Note Campaign Preys on Fear
Posted by: Grayson North
Published 03/04/25, 11:17am
Read More 5 min read
  • Incident Response & Threat Intelligence
FBI Alert: $250,000 Snail Mail Ransomware Threat To US CEOs Confirmed
Read More < 1 min read
  • Incident Response & Threat Intelligence
GRIT 2025 Ransomware & Cyber Threat Report
Read More < 1 min read