Qilin Ransomware Continues to Impact Manufacturing Sector

In the second half of 2025, the Qilin ransomware group has continued to publish victim information on its leak site, impacting over 40 cases per month. The manufacturing sector has been the most affected, followed by professional and scientific services, and wholesale trade. The attackers have used tools like Cyberduck for data exfiltration and legitimate Windows applications like mspaint.exe and notepad.exe to inspect sensitive information. The group employs a double-extortion strategy, combining file encryption with the threat of public data exposure.

Latest mentioned: 10-27

Earliest mentioned: 10-26

Sources

gbhackers.com cyble.com talosintelligence.com databreaches.net

Also Read

New Android Banking Trojan Herodotus Mimics Human Behavior

Cybersecurity researchers have uncovered a new Android banking trojan called Herodotus, which mimics human behavior to evade detection. The malware, distributed via SMS phishing, targets financial apps and cryptocurrency platforms. Herodotus introduces random delays in text input to appear human-like, making it harder for behavioral biometrics to detect fraud. The trojan is part of a malware-as-a-service model and is under active development, posing new challenges for banks and payment providers.

10-28Read more →