Qilin
Blog
Ransomware gang Qilin claims cyber attack on Aiken Electric Cooperative – 4.6K+ affected
Ransomware gang Qilin has listed South Carolina utility company Aiken Electric Cooperative, Inc. on its data leak site. It claims to have stolen over 500GB of data. This follows confirmation of a cyber attack and subsequent data breach from Aiken Electric at the start of September. In its notification, Aiken Electric stated: “On September 1, 2024, Aiken Electric detected unusual…
New Qilin ransomware encryptor features stronger encryption, evasion
A new Rust-based version of the Qilin (Agenda) ransomware strain, dubbed ‘Qilin.B,’ has been spotted in attacks, featuring stronger encryption, better evasion from security tools, and the ability to disrupt data recovery mechanisms. Qilin.B was spotted by security researchers at Halcyon, who warned about the threat and shared indicators of compromise to help with early detection. Qilin updates its encryptor…
Qilin ransomware now steals credentials from Chrome browsers
The Qilin ransomware group has been using a new tactic, deploying a custom stealer to harvest account credentials stored in the Google Chrome browser. The credential-harvesting technique was observed by the Sophos X-Ops team during incident response engagements and marks an alarming change on the ransomware scene.
Attack overview
The attack that Sophos researchers analyzed started with Qilin gaining access…