New Qiulong Ransomware Well-Equiped o Make Waves

The Qiulong ransomware gang, a new cyber threat actor, has emerged targeting Brazilian victims as the group announced their arrival by compromising Dr. Lincoln Graca Neto and Rosalvo Automoveis, two entities located in Brazil. 

The attackers created a website on which they posted data breaches containing summaries of the compromised targets, including mocking content directed at Dr. Lincoln Graca Neto. 

The Qiulong ransomware gang, which may have originated in Brazil, has launched attacks against Dr. Lincoln Graca Neto and Rosalvo Automoveis, where Dr. Neto appears to have either rejected the ransom demand or negotiated in bad faith, as he has not paid the ransom. 

Conversely, Rosalvo Automoveis has not yet initiated communication with the attackers, though they still have some time before their deadline.

While this is the first time Qiulong has been observed in action, its technical capabilities are evident from its ability to target multiple victims and potentially compromise sensitive data.

Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach - Download Free Guide

These attacks suggest that the Qiulong gang intends to establish itself as a significant player in the landscape of ransomware threats.

In 2023, ransomware threat actors became considerably more active, with well-established ransomware gangs significantly increasing their attack rates and new groups forming to establish a presence in the cybercrime landscape. 

One such new group is Qiulong, whose name translates from Chinese to “horned dragon” or “hornless dragon,” possibly hinting at their Asian origins. The limited information available suggests that Qiulong is a relatively new entrant into the ransomware threat landscape.

A new ransomware gang, Qiulong, recently emerged from the shadows. Initial indications suggest a Brazilian base of operations, as it utilizes the well-established double-extortion tactic, inflicting a one-two punch on victims by simultaneously encrypting critical systems and stealing sensitive data. 

According to Privacy Affairs, the coercive approach strengthens their bargaining position during ransom negotiations, as they hold the decryption key and threaten to leak stolen information if their demands are unmet. 

With Qiulong’s activity still in its early stages, there is a dearth of information regarding its future targets and tactics’ evolution, and a lack of foresight makes it difficult to predict its next move.

Combat Email Threats with Easy-to-Launch Phishing Simulations: Email Security Awareness Training -> Try Free Demo 

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.