Qilin ransomware targets 25 Korean finance firms in cyber surge
South Korea’s financial sector has experienced a significant increase in targeted cyberattacks, attributed to the Qilin ransomware group.
The campaign, dubbed ‘Korean Leaks,’ has resulted in dozens of financial service firms being compromised over a short period, raising concerns over both cybercrime and geopolitical motivations.
The campaign exploited managed service providers (MSPs) as an entry point, enabling attackers to gain access to multiple firms within the financial sector simultaneously. This coordinated method resulted in 25 organisations being claimed as victims in a single month, most of which are asset management companies. Only one construction firm outside the financial sector was impacted.
Read more at SecurityBrief Asia