Qilin Ransomware Expands Target List Across Global Industries
Category:Threat Intelligence / Ransomware
The Qilin ransomware group announced new victims, including Spain’s tax agency, Turnkey Africa, and multiple U.S. organizations. Resecurity’s report highlights Qilin’s reliance on bulletproof hosting providers in Russia and Hong Kong to maintain extortion infrastructure. The group’s latest attacks target automotive, municipal, and healthcare sectors globally.
CORTEX Protocol Intelligence Assessment
Business Impact: High likelihood of data exposure and operational disruption across affected sectors. Technical Context: Qilin uses advanced RaaS infrastructure and data exfiltration prior to encryption, supported by bulletproof hosting to evade takedowns.
Strategic Intelligence Guidance
- Review ransomware resilience strategies and segmentation.
- Monitor for exfiltration activity from unusual domains.
- Block access to known Qilin infrastructure and IPs.
- Engage law enforcement if ransom communication occurs.
Threats
Targets
Impact
Data Volume:Multiple TBs
Financial:$10 million
Intelligence Source: Qilin Ransomware Announced New Victims | Oct 16, 2025