Qilin Ransomware
Threat Profiles & Threat Objects
-
- Trending Threat Alert: Qilin Ransomware - We recently added a large amount of new TTP intelligence to our Qilin Ransomware objects as the group continues to claim an alarming number of attacks.
- Attack trends: August represented a new monthly high of victims claimed by Qilin ransomware actors (87 victims).
- Qilin claimed the highest number of victims of all ransomware groups the past two months, making it the highest-weighted threat in our “Major & Emerging Ransomware and Extortion Threat” curated Threat Profile, available by default in all Enterprise Edition tenants, during those months.
- Qilin has remained in this Threat Profile throughout most of this year, meaning teams using this Profile in Coverage Maps have been continually assessing their coverage against this threat’s TTPs.
- Recent TTP intelligence updates: We updated Group metadata and added many new Technique, threat object, and Procedure relationships related to Qilin based on recent technical reporting.
- These updates include two Campaigns that added nearly 50 Technique relationships; more than tripling the number of Techniques related to the Qilin Ransomware Software; and the addition of more than 50 Qilin-related Procedure Sightings.