Qilin
We've curated 42 cybersecurity statistics about Qilin to help you understand how this emerging threat, which blends advanced malware techniques with deception strategies, is evolving in 2025.
Related Topics
Showing 1-20 of 42 results
The Qilin ransomware group was linked to ransomware incidents in 26 of the 31 countries analysed.
Qilin was responsible for 59 finance-sector incidents in the past year.
In September 2025, Qilin's compromise of a single South Korean MSP affected 32 financial institutions and resulted in over 2 terabytes of stolen data.
Among publicly disclosed attacks, Qilin was responsible for 22 attacks (8%), ShinyHunters 16 attacks (6%), and INC 11 attacks (4%).
Among undisclosed ransomware attacks in Q1 2026, Qilin led with 339 attacks (16%), The Gentlemen 200 attacks (9%), and Akira 190 attacks (9%).
In 2025, the Qilin group was responsible for 12.8% of ransomware attacks.
Activity from the Qilin ransomware group declined by 25% and activity from the Akira ransomware group declined by 22%.
According to their data leak site, in 2025, Qilin targeted more than 40 victims every month except January.
Qilin was the most seen ransomware variant in 2025.
Qilin affiliates take home a significant portion of their ransom payments (up to 80 - 85%), higher than typical RaaS payout structures.
Qilin led global ransomware activity, responsible for 15% of published attacks in February.
The number of ransomware variants in LATAM rose from 48 to 79 with the most impactful gangs being the Qilin, The Gentlemen, SafePay, Akira and Inc. groups.
The Qilin ransomware group claimed 1,115 victims in 2025, making it the most active ransomware group across disclosed and undisclosed attacks.
In Q3 2025, Qilin ransomware accounted for approximately 18% of Beazley Security incident response cases.
In Q3 2025, Akira, Qilin, and INC Ransomware accounted for 65% of all ransomware cases investigated by Beazley Security.
In Q3 2025, Qilin ransomware claimed 271 posts on their public leak site.
In 2025, Cisco Talos reported multiple incidents related to Qilin ransomware.
Approximately 23% of all reported cases of Qilin ransomware affected the manufacturing sector.
The number of victims whose information was posted on the Qilin ransomware leak site peaked at 100 cases in June 2025.
Around 18% of Qilin ransomware cases impacted professional and scientific services.