Qilin

Qilin

Active Since

July 2022

Total Victims as of July 2024

128

Known Forum Aliases

XORacle, Haise, Qilin

Active Forum Accounts

CryptBB, Haise, Exploit

Target Geographies

US, Canada, France

Qilin gained notoriety in mid-2024 following an attack on pathology service provider Synnovis, which had debilitating effects on several hospitals and health care services in London, UK.

Also known as Agenda, Qilin is a Ransomware-as-a-Service (RaaS) operation which targets organizations in a number of industries and regions, boasting over 100 victims listed on its dark web leaks site. First identified in July 2022, Qilin is a new ransomware family written in Rust and GoLang programming languages. Personas associated with the Qilin ransomware operation have been observed advertising its affiliate program on several dark web cybercrime forums.

For more information on Qilin’s attack on Synnovis, listen to The Dark Dive Podcast episode: The Qilin Ransomware Group vs the National Health Service.