Qilin (cybercrime group)

Qilin is a Russian-speaking cybercrime organisation that has been linked to a number of incidents, including the ransomware attack on hospitals in London.^[1]^[2]

In 2023, Qilin attacks included the following:

Netherlands care home Attent Zorg en Behandeling had passport information on a number of employees stolen^[3]
Thailand battery manufacturer, Thornburi Energy Storage Systems, a battery manufacturer in Thailand
Construction consultancy WT Partnership Asia
Chinese car parts manufacturer Yanfen, which affected operations at US car maker Stellantis

In 2024, Qilin was named in the following attacks:

Upper Merion Township in the United States was the victim of a ransomware attack where they claimed to have stolen 500GB including information on staff and private contracts.^[4]

Felda Global Ventures Holdings Berhad in Malaysia was also attacked.^[4]
UK-based charity, the Big Issue had 550GB of data stolen including personnel information, contracts and partner data^[4]

References

^ Hern, Alex (2024-06-05). "Who are Qilin, the cybercriminals thought behind the London hospitals hack?". The Guardian. ISSN 0261-3077. Retrieved 2024-06-05.
^ "Qilin ransomware gang likely behind crippling NHS attack | Computer Weekly". ComputerWeekly.com. Retrieved 2024-06-05.
^ "The State of Ransomware in 2023 | BlackFog". 2024-01-08. Retrieved 2024-06-05.
^ ^a ^b ^c "Street newspaper appears to have Big Issue with Qilin ransomware gang". 2024-06-01. Retrieved 2024-06-05.

[1] Hern, Alex (2024-06-05). "Who are Qilin, the cybercriminals thought behind the London hospitals hack?". The Guardian. ISSN 0261-3077. Retrieved 2024-06-05.

[2] "Qilin ransomware gang likely behind crippling NHS attack | Computer Weekly". ComputerWeekly.com. Retrieved 2024-06-05.

[3] "The State of Ransomware in 2023 | BlackFog". 2024-01-08. Retrieved 2024-06-05.

[:0-4] "Street newspaper appears to have Big Issue with Qilin ransomware gang". 2024-06-01. Retrieved 2024-06-05.

[1]

[2]

[3]

[4]