Qilin Ransomware Disrupts Operations of New York's Hyde Fuel
Incident Date:
June 12, 2024
Overview
Title
Qilin Ransomware Disrupts Operations of New York's Hyde Fuel
Victim
Hyde Fuel
Attacker
Qilin
Location
First Reported
June 12, 2024
Qilin Ransomware Group Targets Hyde Fuel
Overview of Hyde Fuel
Hyde Fuel, operating under the registered name P.J. Hyde & Son, Inc., has been a cornerstone in the Tri-Lakes region of New York since 1965. Specializing in the distribution and delivery of heating fuels, the company provides heating oil, propane, and kerosene to residential, commercial, and industrial customers. Hyde Fuel is renowned for its high-quality products and exceptional customer service, offering 24/7 fuel delivery and maintenance services. The company has grown steadily, becoming one of the largest privately owned businesses in the North Country.
Details of the Ransomware Attack
Hyde Fuel recently fell victim to a ransomware attack orchestrated by the Qilin group. The attack has significantly disrupted their operations, despite the company's reputation for competitive salaries and a positive working environment. The Qilin ransomware group, also known as Agenda, claimed responsibility for the attack via their dark web leak site. The group is known for targeting critical infrastructure and employing double extortion techniques, where they exfiltrate sensitive data in addition to encrypting it.
About the Qilin Ransomware Group
Emerging in 2022, the Qilin ransomware group has quickly become a prominent threat in the cybersecurity landscape. They specialize in ransomware-as-a-service (RaaS), targeting critical infrastructure sectors worldwide. Qilin's ransomware is written in Rust and Go, making it difficult to decipher and evade detection. The group customizes attacks for each victim, complicating recovery efforts. They often use phishing emails to infiltrate systems and laterally move across networks to identify valuable data for encryption.
Potential Vulnerabilities
Hyde Fuel's extensive operations and reliance on digital systems for monitoring fuel levels, scheduling deliveries, and managing customer data make it a prime target for ransomware attacks. The company's commitment to providing uninterrupted service may have inadvertently created vulnerabilities that Qilin exploited.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.