- Dark Web Trio Sentenced - October 15, 2023
- Dymocks Data: Darknet Hit? - October 15, 2023
- Dark Web Forum Shows How to Synthesize Methamphetamine at Home - October 4, 2023
In their most recent research report, Group-IB’s threat intelligence team claimed that they had penetrated and investigated Qilin’s internal operations, providing details on their targeting of important industries and the advanced methods they used.
What is actually Qilin?
Since its identification in August 2022, Qilin, also known as Agenda ransomware, has grown to be a serious menace.
Nikolay Kichatov, a threat intelligence analyst at Group-IB, described how Qilin aggressively targets businesses in crucial industries with highly specialized and elusive ransomware assaults. Qilin uses the Rust and Go programming languages to do this.
Here’s the aims of this criminal group…
The assaults included the exfiltration of sensitive information in addition to the encryption of victim data, allowing the threat actors to use a double extortion method.
Researchers from Group-IB claim to have gotten previously unheard-of insights into the affiliate structure and payment procedures within the Qilin RaaS program by gaining access to Qilin’s admin panel. The affiliate panel, which is separated into areas like Blogs, News, and FAQs gives a thorough overview of how the network is coordinated and managed.
In addition, Group-IB’s examination of Qilin’s Dark Web presence has shown that throughout the period of July 2022 to May 2023, the organization released details about 12 victims on a leaked website. Numerous nations, including Australia, Canada, United States, and others have lost victims to this epidemic.
The report also provided useful tips for preventing and stopping Qilin ransomware attacks. The usage of multi-factor authentication (MFA), maintenance of trustworthy data backup strategies, utilization of state-of-the-art malware detection technologies, prioritizing of security patching, staff training, and attentive vulnerability monitoring are a few of these.
One of the threat organizations increasingly focusing on Linux systems, Qilin, was recently referenced in a SentinelOne alert.