Not all ransomware groups wield crypto-locking malware. In their continuing quest for extortionate profits, some have moved away from encryption and pressure victims purely by threatening to leak stolen data unless they receive a ransom payment.

This seems to have been the case for BianLian, a prolific ransomware group that emerged in the summer of 2022. At that point, threat intelligence firm Cyble reported the group was known for executing rapid-encryption attacks, especially against the media and entertainment sectors, as well as healthcare, energy and utilities, among others.