Ransomware Group

qilin

Qilin ransomware was first observed in July of 2022. Qilin Ransomware is written in Golang and supports multiple encryption modes; all of which are controlled by the operator. Qilin actors practice double extortion – demanding payment for a decryptor, as well as for the non-release of stolen data.

1928 Known Victims

Threat Level

CRITICAL

Known Infrastructure

The following Tor hidden services have been associated with this group:

kbsqoivihgdmwczmxkbovk7ss2dcynitwhhfu5yw725dboqo5kthfaad.onion
ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion
ji57fr53anp7wb44tbbnp72qcgbhqywy4jmbncawdcrejj5amuvh3zqd.onion
ozsxj4hwxub7gio347ac7tyqqozvfioty37skqilzo2oqfs4cw2mgtyd.onion

⚠️ Warning: These are malicious sites. Do not visit without proper security measures.

Check If You're Affected

Search our database to see if your organization appears in qilin's victim list.

Try It NowFree

Try:|

Get instant threat analysis with risk scores, threat categories, and detailed reports.

Other Active Ransomware Groups

Lockbit Blackcat Cl0p Play Bianlian Akira Medusa Rhysida