The Evolution of Qilin RaaS

216.73.216.6

The Evolution of Qilin RaaS

· Published 08/10/2025 16:25 · Modified 08/10/2025 16:40

Essential information

Published: 08/10/2025 16:25
Modified: 08/10/2025 16:40
Tags: 2025-10-08 agenda alphvblackcat bitcoin fin12 kela nova onion phishing qilin raas ransomware ryuk supply chain attack tor wikileaks
Related entities: 5 observables, 1 intrusion sets (apt), 3 techniques (mitre), 2 malware

Description

Qilin ransomware is used for domain-wide encryption, and a ransom is then demanded for the decryption keys and/or to prevent the publication of the stolen data. Qilin affiliates are recruited from cybercrime forums to use the Qilin RaaS platform, which handles payload generation, the publication of stolen data, and ransom negotiations.

External references

https://www.sans.org/blog/evolution-qilin-raas
https://otx.alienvault.com/pulse/68e69076a95f1726dd5d19eb

The Evolution of Qilin RaaS

Essential information

Description

Related entities

Observables (5)

Intrusion sets (APT) (1)

Techniques (MITRE) (3)

Malware (2)

External references