Qilin Ransomware Strikes Edlong Corporation
Incident Date:
May 11, 2024
Overview
Title
Qilin Ransomware Strikes Edlong Corporation
Victim
Edlong Corporation
Attacker
Qilin
Location
First Reported
May 11, 2024
Ransomware Attack on Edlong Corporation
Victim Profile
Founded in 1914, Edlong Corporation specializes in dairy and dairy-free flavor solutions. The company is headquartered in Elk Grove Village, Illinois, and offers custom flavor development, applications and culinary support, regulatory compliance, and supply chain performance. Edlong produces and supplies dairy flavors and ingredients to its clients.
Company Size and Industry Standing
As of 2023, Edlong Corporation had an annual revenue of $35.9 million and employed 123 individuals. The company stands out in the food and beverage industry for its expertise in creating authentic dairy and dairy-free flavors. Edlong's flavors are used globally to enhance taste profiles, mask off-notes, and improve mouthfeel in various applications.
Vulnerabilities and Targeting
Edlong Corporation's focus on developing signature taste creations and its commitment to authenticity make it an attractive target for threat actors like the Qilin ransomware group. The company's extensive experience in replicating the taste of dairy in reduced-fat and lower-calorie products, as well as its range of flavors catering to clean label and Better-For-You products, could have made it vulnerable to a ransomware attack.
Ransomware Group Distinction
The Qilin ransomware group, also known as Agenda, distinguishes itself by targeting critical infrastructure organizations worldwide, including healthcare, education, and other essential services. Qilin's ransomware attacks are highly customizable for each victim, making it challenging for organizations like Edlong Corporation to recover their encrypted files. The group's use of the double extortion technique, where they exfiltrate sensitive data in addition to encrypting it, adds another layer of threat to their victims.
Possible Penetration
Qilin ransomware attacks often start with phishing emails containing malicious links that allow the group to gain access to a victim's infrastructure. Once inside, the threat actors move laterally across the network, searching for essential data to encrypt. The ransomware is written in Rust and Go programming languages, making it evasion-prone and difficult to decipher, further complicating recovery efforts for targeted organizations like Edlong Corporation.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.