Qilin Hits 700 Attacks in 2025 as RansomHub Affiliates Migrate
Category: Threat Alerts / Malware & Ransomware
Industrial Cyber reports that Qilin reached 700 attacks in 2025, with heavy impact on manufacturing, government, education, and healthcare. Data theft totals exceed 116 TB, and the U.S. is the most targeted. Affiliates reportedly migrated to Qilin after the RansomHub shutdown.
CORTEX Protocol Intelligence Assessment
Business Impact: Ransomware exposure remains high for manufacturing and the public sector.
Technical Context: Double-extortion tactics, cross-sector targeting, and affiliate-driven RaaS operations broaden the attack surface.
Strategic Intelligence Guidance
- Enforce network segmentation and offline backups with restore drills
- Deploy EDR with behavioral ransomware detection
- Monitor for exfiltration utilities and cloud storage abuse
- Pressure test third-party recovery SLAs for critical suppliers
Impact
Data Volume: 116 TB (cumulative, reported)
Financial: Multiple demands ($700K–$10M reported)
Intelligence Source: Qilin ransomware escalates rapidly in 2025, targeting critical sectors with 700 attacks amid RansomHub shutdown - Industrial Cyber | Oct 28, 2025