Qilin, also known as Agenda, is a ransomware-as-a-service operation that collaborates with affiliates to encrypt and exfiltrate data from hacked organizations, demanding a ransom in return.
Despite its name deriving from a mythical Chinese creature that combines features of a dragon and a horned beast, the Qilin ransomware group is linked to Russia.
Qilin has been active since October 2022, when it first posted about a victim on its darknet leak site. Since then, its activities have increased, affecting notable organizations such as the street newspaper The Big Issue, automotive parts giant Yanfeng, and the Australian court service.
Recently, Qilin made headlines following a ransomware attack against Synnovis, a firm involved in blood testing and transfusions. This attack led to an emergency “critical incident” being declared at several London hospitals, with Qilin threatening to release stolen data unless a ransom is paid.
Reports suggest that Qilin is demanding a substantial ransom of $50 million from Synnovis for the decryption tools and a promise not to publish the data.
However, in media interviews, the group claimed that the attack was not financially motivated but a protest against the British government’s involvement in an unspecified war. This claim is dubious given Qilin’s history of targeting various businesses and healthcare organizations without prior political motivations. The high ransom demand likely reflects the
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: