Qilin Ransomware Strikes Edlong Corporation

Incident Date:

May 11, 2024

World map

Overview

Title

Qilin Ransomware Strikes Edlong Corporation

Victim

Edlong Corporation

Attacker

Qilin

Location

Elk Grove Village, USA

Illinois, USA

First Reported

May 11, 2024

Ransomware Attack on Edlong Corporation

Victim Profile

Founded in 1914, Edlong Corporation specializes in dairy and dairy-free flavor solutions. The company is headquartered in Elk Grove Village, Illinois, and offers custom flavor development, applications and culinary support, regulatory compliance, and supply chain performance. Edlong produces and supplies dairy flavors and ingredients to its clients.

Company Size and Industry Standing

As of 2023, Edlong Corporation had an annual revenue of $35.9 million and employed 123 individuals. The company stands out in the food and beverage industry for its expertise in creating authentic dairy and dairy-free flavors. Edlong's flavors are used globally to enhance taste profiles, mask off-notes, and improve mouthfeel in various applications.

Vulnerabilities and Targeting

Edlong Corporation's focus on developing signature taste creations and its commitment to authenticity make it an attractive target for threat actors like the Qilin ransomware group. The company's extensive experience in replicating the taste of dairy in reduced-fat and lower-calorie products, as well as its range of flavors catering to clean label and Better-For-You products, could have made it vulnerable to a ransomware attack.

Ransomware Group Distinction

The Qilin ransomware group, also known as Agenda, distinguishes itself by targeting critical infrastructure organizations worldwide, including healthcare, education, and other essential services. Qilin's ransomware attacks are highly customizable for each victim, making it challenging for organizations like Edlong Corporation to recover their encrypted files. The group's use of the double extortion technique, where they exfiltrate sensitive data in addition to encrypting it, adds another layer of threat to their victims.

Possible Penetration

Qilin ransomware attacks often start with phishing emails containing malicious links that allow the group to gain access to a victim's infrastructure. Once inside, the threat actors move laterally across the network, searching for essential data to encrypt. The ransomware is written in Rust and Go programming languages, making it evasion-prone and difficult to decipher, further complicating recovery efforts for targeted organizations like Edlong Corporation.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.