Qilin Ransomware Adds Lawyers to Squeeze Victims

The Qilin ransomware group has introduced a new “Call Lawyer” function to its affiliate platform, aiming to intensify pressure on victims during ransom negotiations. According to cybersecurity firm Cybereason, the Qilin ransomware adds lawyers to its toolkit as part of a broader strategy to expand its influence and fill gaps left by rival criminal groups. The feature provides legal consultation to affiliates, allowing them to escalate threats by highlighting potential legal and financial consequences of non-compliance.

Qilin, active since at least August 2022, gained notoriety after a June 2024 attack on UK healthcare provider Synnovis. The group uses double extortion tactics and takes a 15-20% cut of ransom payments. As the Qilin ransomware adds lawyers, it also enhances its platform with network propagation and DDoS tools, offering affiliates a full-service cybercrime model. The operation avoids targets in CIS countries and continues to grow in sophistication.

https://securityaffairs.com/179205/breaking-news/qilin-ransomware-gang-now-offers-a-call-lawyer-feature.html