Keypoints
- The Qilin ransomware group has been active since 2023 as a ransomware-as-a-service operation.
- Qilin primarily targets small-to-medium-sized businesses in sectors like healthcare, construction, and finance.
- Initial access is often gained through unpatched VPNs or single-factor remote access tools.
- In 2025, 88% of Qilin attacks involved data theft and encryption, with some victimsβ data published online.
- Experts advise organizations to patch systems, implement MFA, limit exposed interfaces, and monitor for intrusions.
Read More: https://www.infosecurity-magazine.com/news/qilin-ransomware-activity-surges/