Qilin

Also known as Pestilent Mantis, Agenda
Reports
161
First seen
Aug 19
Last seen
Jun 25
Motivation
extortion, financial, financial extortion

Targeting

Sectors
manufacturing ×18healthcare ×16other ×12professional services ×12retail ecommerce ×7education ×4financial services ×3media entertainment ×3
Victim regions
United States ×33Canada ×3Malaysia ×3Germany ×3France ×2Spain ×2Libya ×1Taiwan ×1

Top ATT&CK techniques

T1486 Data Encrypted for Impact ×13T1190 Exploit Public-Facing Application ×12T1566 Phishing ×11T1195 Supply Chain Compromise ×8T1078 Valid Accounts ×6T1021 Remote Services ×6T1041 Exfiltration Over C2 Channel ×6T1059 Command and Scripting Interpreter ×5T1133 External Remote Services ×5T1562.001 Impair Defenses: Disable or Modify Tools ×4T1105 Ingress Tool Transfer ×4T1567 Exfiltration Over Web Service ×4

Indicators

domain ×145filename ×75cve ×64hash_sha256 ×1ip_v4 ×1hash_sha1 ×1

Indicator values are available on Pro and via the API.

Associated CVEs

Recent reports

High

Check Point VPN Authentication Bypass: Six-Week Exploitation Window and Perimeter Defense Limitations

CyberScoop
High

Qilin ransomware gang publishes ISOPLUS as new victim

ransomware.live
High

Qilin ransomware gang publishes Cash Canada as victim

ransomware.live
High

Qilin ransomware gang claims Lee International as new victim

ransomware.live
High

Qilin ransomware gang publishes Schumacher Homes as victim

ransomware.live
Critical

Qilin ransomware gang claims Central Bank of Libya as new victim

ransomware.live
High

Qilin ransomware gang publishes Taiwan Sintong Machinery Co., Ltd as victim

ransomware.live
High

Qilin ransomware gang publishes Sivatel Bangkok as victim

ransomware.live
High

Qilin ransomware gang publishes Tri-tec as victim

ransomware.live
High

Qilin ransomware gang claims Florida Engineering Services victim

ransomware.live
High

Qilin ransomware gang publishes Pacific Lamp & Supply as victim

ransomware.live
High

Qilin ransomware gang publishes Roth Industries as victim

ransomware.live
High

Qilin ransomware gang publishes Sparkle Pools as new victim

ransomware.live
High

Qilin ransomware gang publishes PJ Daly Contracting as victim

ransomware.live
High

Qilin ransomware gang publishes Commune d'Eyguires as victim

ransomware.live
High

Qilin ransomware publishes THL Project Management Sdn. Bhd. as victim

ransomware.live
High

Qilin ransomware group claims Homes By J Anthony as victim

ransomware.live
High

Qilin ransomware gang publishes ATCOM Outsourcing as victim

ransomware.live
High

Qilin publishes Grupo Bimbo (Skupina Don Don) as ransomware victim

ransomware.live
High

Qilin ransomware gang publishes Makel Companies Group as victim

ransomware.live
High

Qilin ransomware gang claims Golfview Developmental Center victim

ransomware.live
High

Qilin ransomware gang publishes Misericórdia de Santo Tirso as victim

ransomware.live
High

Qilin ransomware group publishes Q Link Wireless as victim

ransomware.live
High

Qilin ransomware publishes new victim: Cng Ty Cp T Vn Xd Tng Hp

ransomware.live
High

Qilin ransomware gang publishes MAVA Healthcare as victim

ransomware.live
High

Qilin ransomware gang publishes Grupo Indi as new victim

ransomware.live
High

Qilin ransomware claims Can Healthcare Group as victim

ransomware.live
High

Weekly Cybersecurity Recap: Chrome 0-Day, Oracle PeopleSoft Exploit, Supply Chain Attacks

The Hacker News
Critical

Check Point Threat Intelligence Report – 15 June 2026

Check Point Research
High

Qilin ransomware gang publishes DISTINET MURCIA SL as victim

ransomware.live

This page shows data on a 7-day delay. Free accounts get the full delayed feed; real-time reports, indicators, and the API start at $29/mo.