Qilin Ransomware Hits Atlantic Refrigeration Co. in Cyber Attack
Incident Date:
September 9, 2024
Overview
Title
Qilin Ransomware Hits Atlantic Refrigeration Co. in Cyber Attack
Victim
Atlantic Refrigeration Co
Attacker
Qilin
Location
First Reported
September 9, 2024
Qilin Ransomware Group Targets Atlantic Refrigeration Co.
The Qilin ransomware group, also known as Agenda, has claimed responsibility for a cyber attack on Atlantic Refrigeration Co., a specialized service provider in the commercial refrigeration and ice machine industry. The attack was announced on Qilin's dark web leak site, where the group provided sample screenshots as evidence of the breach.
About Atlantic Refrigeration Co.
Atlantic Refrigeration Co., operating under the domain atlanticice.com, has been a trusted name in commercial refrigeration and ice machine services since 1940. The company offers comprehensive service repairs, installations, and preventive maintenance programs for various refrigeration systems, including ice machines and walk-in coolers. Their commitment to specialized service and customer satisfaction has made them a preferred service provider for warranty repairs on equipment from leading manufacturers in the Philadelphia area and surrounding counties.
Attack Overview
The Qilin ransomware group infiltrated Atlantic Refrigeration Co.'s data systems, exfiltrating sensitive information before encrypting it. The attackers have employed a double extortion strategy, threatening to release the stolen data if the ransom is not paid. This tactic is designed to maximize pressure on the victim to comply with the ransom demands.
About Qilin Ransomware Group
Qilin, operating under a Ransomware-as-a-Service (RaaS) model, has been active since July 2022. The group uses Rust-based malware, which enhances its evasion capabilities and allows for effective attacks across multiple operating systems, including Windows and Linux. Qilin's operations have targeted over 150 organizations in 25 countries, with notable attacks on healthcare providers, educational institutions, and large enterprises.
Penetration and Vulnerabilities
Qilin typically gains initial access through phishing emails containing malicious links. Once inside the network, they utilize vulnerabilities to escalate privileges and move laterally within the victim's systems. Atlantic Refrigeration Co.'s reliance on specialized equipment and extensive service area may have made them an attractive target for Qilin, as disruptions in their operations could have significant impacts on their commercial clients.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.