
Qilin Ransomware: A Threat Targeting Critical Sectors on the Dark Web

By Harper Stewart

Jul 27, 2023

In its most recent research report, Group-IB’s threat intelligence team claimed that it had infiltrated and investigated Qilin’s internal operations, and it provided details on the group’s targeting of important industries and the advanced methods it uses.

What is Qilin?

Since its identification in August 2022, Qilin, also known as Agenda ransomware, has grown into a serious menace.

Nikolay Kichatov, a threat intelligence analyst at Group-IB, described how Qilin aggressively targets businesses in crucial industries with highly specialized and evasive ransomware attacks. Qilin uses the Rust and Go programming languages to do this.

Here are the aims of this criminal group…

The attacks included the exfiltration of sensitive information in addition to the encryption of victim data, allowing the threat actors to use a double extortion method.

Researchers from Group-IB claim to have gained unprecedented insight into the affiliate structure and payment procedures within the Qilin RaaS program by gaining access to Qilin’s admin panel. The affiliate panel, which is divided into sections such as Blogs, News, and FAQs, gives a thorough overview of how the network is coordinated and managed.

In addition, Group-IB’s examination of Qilin’s Dark Web presence has shown that from July 2022 to May 2023, the group published details about 12 victims on a leak site. The victims are located in numerous countries, including Australia, Canada, the United States, and others.

The report also provided useful tips for preventing and stopping Qilin ransomware attacks. These include using multi-factor authentication (MFA), maintaining reliable data backup strategies, using state-of-the-art malware detection technologies, prioritizing security patching, training staff, and attentively monitoring for vulnerabilities.

Qilin was also recently referenced in a SentinelOne alert as one of the threat groups increasingly focusing on Linux systems.

 