Ransomware Group: QILIN

VICTIM NAME: Ministry of Foreign Affairs of Ukraine

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page details a significant data breach involving the Ministry of Foreign Affairs of Ukraine. The leaked information reportedly contains sensitive data, including private correspondence, personal details, and decrees related to the ministry. This data has been confirmed as being compromised as of March 6, 2025. The leak is attributed to a group known as ‘qilin,’ which has been active in managing and distributing stolen data. The threat actors have indicated that portions of this data have already been sold successfully, raising concerns over further exposure and misuse of sensitive government information.

Statistical analysis from the extracted information indicates that numerous infostealer tools were employed to amass data from various users, with an estimated 2,733 individuals potentially affected by this breach. Commonly used infostealer software included RedLine, which is noted for its prevalence in data theft operations, alongside others such as Raccoon and Vidar. This breach underscores the significant risks associated with public sector cybersecurity vulnerabilities and the ongoing threats from cybercriminal activity in different regions, especially given the international implications of the leaked data concerning governmental affairs.