Qilin Group Ransomware Attack on Beloin & Brown, LLC

Incident Date: May 11, 2024

Attack Overview
VICTIM
Beloin & Brown, LLC
INDUSTRY
Law Firms & Legal Services
LOCATION
USA
ATTACKER
Qilin
FIRST REPORTED
May 11, 2024

Ransomware Attack on Beloin & Brown, LLC by Qilin Group

Victim Profile

Beloin & Brown, LLC is a law firm based in Atlanta, Georgia, specializing in various areas of law including real estate, property tax, title litigation, professional malpractice, business litigation, business law, construction law, and bankruptcy law. The firm was founded by attorneys Frederic S. Beloin, Michael Welch, and Walter P. Walker in 1997. They represent notable clients in the industry and are located at 2550 Heritage Court, Suite 200, Atlanta, GA 30339.

Attack Details and Vulnerabilities

Beloin & Brown, LLC has reportedly fallen victim to a ransomware attack by the Qilin group. The attackers managed to exfiltrate 300 GB of sensitive data, including personnel records, contracts, and financial reports.

The company's vulnerabilities in being targeted by threat actors may stem from the sensitive nature of the legal information they handle, including client data and financial records. Additionally, the firm's website and network security measures may have been exploited by the Qilin group to gain unauthorized access to their systems.

Qilin Ransomware Group

The Qilin ransomware group, also known as Agenda, is a prominent ransomware-as-a-service (RaaS) group that emerged in 2022. They target critical infrastructure organizations worldwide, utilizing a double extortion technique where they encrypt data and threaten to release it if a ransom is not paid. Qilin ransomware attacks are highly customizable and written in Rust and Go programming languages, making them difficult to detect and decrypt.

The cybercriminal gang utilizes phishing emails containing malicious links to target victims and laterally move across their infrastructure to encrypt essential data. They have targeted organizations in various countries and pay out a significant portion of their earnings to affiliates, making them a notable threat in the cybersecurity landscape.

Sources:

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.