Qilin.B Ransomware Emerges with Enhanced Evasion and Encryption - #Agenda
The Qilin ransomware has evolved significantly and now incorporates credential theft from Google Chrome browsers into its attack methodology. Sophos X-Ops and other cybersecurity researchers reported that the ransomware group's latest variant, Qilin.B, employs advanced encryption techniques and evasion strategies, including the use of the Rust programming language and AES-256-CTR encryption. Several high-profile attacks, including those on Synnovis and other major institutions, have illustrated the devastating impact of Qilin's double extortion tactics. The ransomware initially gains network access through compromised VPN credentials, exploiting the absence of multi-factor authentication (MFA). Recommendations to combat these threats include implementing MFA, conducting regular security updates, and educating users on safe password storage practices. The increased sophistication and persistence of Qilin underscore the critical need for robust cybersecurity measures and organizational preparedness against evolving ransomware threats.