Skip to content
MalwareWiki

Malware

AgendaCrypt

aka Agenda · Qilin

Qilin ransomware has been active since at least 2022.

Qilin ransomware has been active since at least 2022. Both Golang and Rustlang samples have been observed in use. Qilin is known to operate with a Ransomwareas-a-Service (Raas) model, with double extortion (decrypter + non-release of data) tactics observed.

Family metadata imported from Malpedia (Fraunhofer FKIE).