Qilin
Active Since
July 2022
Total Victims as of July 2024
128
Known Forum Aliases
XORacle, Haise, Qilin
Active Forum Accounts
CryptBB, Haise, Exploit
Target Geographies
US, Canada, France
Qilin gained notoriety in mid-2024 following an attack on pathology service provider Synnovis, which had debilitating effects on several hospitals and health care services in London, UK.
Also known as Agenda, Qilin is a Ransomware-as-a-Service (RaaS) operation which targets organizations in a number of industries and regions, boasting over 100 victims listed on its dark web leaks site. First identified in July 2022, Qilin is a new ransomware family written in Rust and GoLang programming languages. Personas associated with the Qilin ransomware operation have been observed advertising its affiliate program on several dark web cybercrime forums.
For more information on Qilin’s attack on Synnovis, listen to The Dark Dive Podcast episode: The Qilin Ransomware Group vs the National Health Service.