Ransomware Gang Targets Google Chrome Users In Surprise New Threat Twist
Qilin, the Russia-linked cybercrime group thought to be behind the June attacks that caused chaos at a number of U.K. hospitals in June, has now been caught stealing credentials stored within Google Chrome browsers in a surprise new twist to the ransomware attack threat.
Although ransomware is not only a long-established but also increasingly costly threat to organizations, Qilin is a relatively new player in the nasty cybercrime game. Running a Ransomware-as-a-Service criminal operation, Qilin is known to date back only as far as October 2022. Researchers from the Sophos X-Ops team have now analyzed a recent attack by the Qilin operators and discovered a new and unusual tactic which they describe as providing “a bonus multiplier for the chaos already inherent in ransomware situations.” That tactic being the simultaneous theft of credentials from Google Chrome browsers found on a subset of the victim network’s endpoints, extending the potential reach of the attack beyond the original target.
Source: Forbes