The Qilin ransomware group, active since 2022, continues to target multiple industries and countries, executing sophisticated attacks involving credential theft, lateral movement, and multi-platform ransomware deployment. Their operations highlight the evolving tactics of ransomware-as-a-service groups and the increasing complexity of cyber threats.
Key points
- Qilin has claimed over 40 victims per month in 2025, with a peak of 100 cases in June.
- The group primarily targets sectors such as manufacturing, scientific services, and wholesale trade across North America and Europe.
- Attackers exploit leaked credentials, RDP, and legitimate remote tools to infiltrate networks undetected.
- Their multi-platform ransomware includes both Windows and Linux variants, adapting to modern virtualization environments.
- Qilin employs advanced techniques like credential harvesting, privilege escalation, and file obfuscation to evade detection and maximize impact.
Read More: https://thehackernews.com/2025/10/qilin-ransomware-combines-linux-payload.html