Uncovering Qilin attack methods exposed through multiple cases

Qilin Ransomware Leveraging Mspaint And Notepad To Find Files With Sensitive Information - Cybernoz - Cybersecurity News

Qilin ransomware has emerged as one of the most devastating threats in the second half of 2025, operating at an alarming pace with over 40 victim disclosures per month on its public leak site. Originally tracked under the name Agenda before rebranding to Qilin around July 2022, this ransomware-as-a-service platform has evolved into a global menace affecting organizations across multiple continents and industrial sectors. The group’s dual-extorti…

Qilin Ransomware Combines Linux Payload With BYOVD Exploit in Hybrid Attack

The ransomware group known as Qilin (aka Agenda, Gold Feather, and Water Galura) has claimed more than 40 victims every month since the start of 2025, barring January, with the number of postings on its data leak site touching a high of 100 cases in June. The development comes as the ransomware-as-a-service (RaaS) operation has emerged as one of the most active ransomware groups, accounting for

Qilin Ransomware Exploits MSPaint and Notepad to Locate Sensitive Files

In the latter half of 2025, the Qilin ransomware group has solidified its standing as a formidable threat, continuing to post details of more than 40 victims per month on its public leak site. This rapid, relentless campaign—primarily impacting manufacturing, professional and scientific services, and wholesale trade—has propelled Qilin among the world’s most impactful ransomware […] The post Qilin Ransomware Exploits MSPaint and Notepad to Locat…

Uncovering Qilin attack methods exposed through multiple cases

Qilin 勒索软件在 2025 年下半年活跃，每月泄露超 40 起案件，制造业受创最重。该组织采用双重勒索策略，并利用 Cyberduck 和 Mimikatz 等工具进行攻击。