Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Hackers claim to have stolen 11 gigabytes of company data from a Sydney-based galvanising firm.
The Qilin ransomware gang has listed Australian galvanised steel provider Galvatech as a victim on its darknet leak site.
Qilin made the claims in an 9 April post and claimed to have stolen 11 gigabytes of data, totalling more than 23,000 files.
The hackers have not listed any ransom demand or date of intended publication of the stolen data. However, they have listed several internal documents as evidence of successful data exfiltration. These include email correspondence, a costing report, and several retail receipts, as well as what appears to be an internal training document with employee signatures.
Since the initial posting, the leak page has been viewed more than 4,500 times.
Qilin takes its name from a creature from Chinese myth, though its members have been observed communicating in Russian on several hacking forums. The group was first observed in August 2022 and has claimed somewhere between 300 and 500 victims in that time; it is currently one of the top 10 most active ransomware operators, according to security researchers.
Qilin’s encryptor is written in the Golang programming language. The gang uses double extortion tactics to pressure its victims, both demanding a ransom for a decryptor and threatening to publish data if a ransom is not received.
The gang was responsible for a devastating attack on the UK-based pathology services provider Synnovis Group, which caused operational disruption at five London hospitals in June 2024. The attack was declared a critical incident that led to the postponement of patient procedures.
Qilin has recently been active in the region, claiming an attack on the Palau Ministry of Health and Human Services in February and Australian freight forwarder Globelink International in January.
Galvatech offers steel galvanising services and is based in the Sydney suburb of Padstow.
Cyber Daily has reached out to Galvatech for comment on the alleged incident but has yet to receive a response.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
