Ransomware Attack on Stein Fibers Exposes 707 GB of Sensitive Data

Incident Date: Aug 30, 2024

Attack Overview
Victim: Stein Fibers
Industry: Manufacturing
Location: USA
Attacker: BianLian
First reported: August 30, 2024

Ransomware Attack on Stein Fibers by BianLian Group

Stein Fibers, Ltd., a leading supplier and producer of synthetic fibers, particularly polyester staple fibers and nonwoven fibers, has been targeted by the notorious ransomware group BianLian. The attack, which has been claimed on BianLian's dark web leak site, has compromised a significant amount of sensitive data, posing a substantial risk to the company's operations and reputation.

Company Overview

Founded in 1976 and headquartered in Albany, New York, Stein Fibers has grown to become one of the largest players in the North American textile market. The company specializes in the production, sourcing, delivery, and sale of textile-related fiber products, with annual shipments exceeding 500 million pounds. Stein Fibers is known for its extensive range of fiber products, commitment to customer service, and proactive approach to environmental sustainability.

Attack Overview

The ransomware attack on Stein Fibers has resulted in the breach of 707 GB of data. The compromised information includes financial records, human resources data, details about partners and vendors, client and customer information, engineering and technological data, incident and accident reports, and internal and external email correspondence. Various databases have also been affected, highlighting the critical need for enhanced cybersecurity measures.

About BianLian

BianLian is a sophisticated ransomware group that has evolved from targeting individual users to launching high-profile attacks on businesses and organizations globally. Initially functioning as a banking trojan, BianLian transitioned into advanced ransomware operations, emphasizing extortion-based strategies. The group is known for its exfiltration-based extortion tactics, threatening victims with financial, business, and legal consequences if payment is not made.

Penetration Tactics

BianLian typically gains initial access through compromised Remote Desktop Protocol (RDP) credentials, implanting custom backdoors specific to each victim. The group uses PowerShell and Windows Command Shell for defense evasion and employs various tools for discovery, lateral movement, collection, exfiltration, and impact. The attack on Stein Fibers underscores the vulnerabilities that manufacturing companies face, particularly those with extensive digital operations and sensitive data.
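
A defender-side illustration of the RDP initial-access point above, added here and not taken from Halcyon or from the incident: it scans exported Windows Security events for successful RemoteInteractive logons (event 4624, logon type 10) that come from outside internal ranges or follow a run of failed logons (event 4625). The CSV layout, sample rows, internal ranges, thresholds and function names are assumptions constructed for the example.

```python
import csv
import io
import ipaddress
from datetime import datetime, timedelta

# Constructed sample of exported Security-log events (not data from the incident).
SAMPLE = """time,event_id,logon_type,account,source_ip
2024-08-01T02:10:01,4625,10,svc_backup,203.0.113.45
2024-08-01T02:10:09,4625,10,svc_backup,203.0.113.45
2024-08-01T02:10:20,4625,10,svc_backup,203.0.113.45
2024-08-01T02:11:02,4624,10,svc_backup,203.0.113.45
2024-08-01T08:30:00,4624,10,jdoe,10.20.1.15
2024-08-01T09:00:00,4624,3,jdoe,198.51.100.7
2024-08-01T23:45:00,4624,10,admin,198.51.100.7
"""

# Assumed internal ranges; replace with the networks RDP is expected from.
INTERNAL = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL)

def flag_rdp_logons(csv_text, window=timedelta(minutes=10), fail_threshold=3):
    """Return (time, account, source_ip, reasons) for suspicious RDP logons.
    Assumes rows are in chronological order."""
    failures = {}  # (account, source_ip) -> times of failed logons
    alerts = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["logon_type"] != "10":  # 10 = RemoteInteractive (RDP session)
            continue
        ts = datetime.fromisoformat(row["time"])
        key = (row["account"], row["source_ip"])
        if row["event_id"] == "4625":  # failed logon
            failures.setdefault(key, []).append(ts)
        elif row["event_id"] == "4624":  # successful logon
            recent = [t for t in failures.get(key, []) if ts - t <= window]
            reasons = []
            if not is_internal(row["source_ip"]):
                reasons.append("external-source")
            if len(recent) >= fail_threshold:
                reasons.append("success-after-failures")
            if reasons:
                alerts.append((row["time"], row["account"], row["source_ip"], reasons))
    return alerts

if __name__ == "__main__":
    for alert in flag_rdp_logons(SAMPLE):
        print(alert)
```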
