Qilin Ransomware Hits Korean IT Firm GJTec, Steals Data from Financial Companies

South Korea’s financial sector faced a Russia–North Korea-linked ransomware supply chain attack that compromised sensitive banking information from multiple institutions.

103d ago

Summary

South Korea’s financial sector was targeted in a coordinated supply chain attack using Qilin ransomware, leading to the theft of 2 terabytes of sensitive banking data. The intrusion affected multiple financial institutions and has been attributed to collaboration between Russian threat actors and North Korea’s Moonstone Sleet APT group. Cybersecurity experts warn the attack poses a serious threat to South Korea’s financial market stability.

Terms & Concepts

Ransomware: Malicious software that encrypts a victim's data and demands payment for decryption.
APT (Advanced Persistent Threat): A prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended time.
Qilin ransomware: A ransomware variant associated with Russian-speaking threat actors, known for targeting organizations and demanding payment for data release.