Qilin ransomware attacks Korean MSP, 28 financial institutions affected, 2TB of data leaked

According to The Hacker News, the Qilin ransomware group launched a "Korean Leaks" supply chain attack by breaching the South Korean IT service provider GJTec, resulting in 28 financial companies being affected and over 1 million files totaling 2 TB of data being stolen.

Bitdefender's investigation found that this operation is linked to the North Korean-backed APT "Moonstone Sleet," suspected of collaborating with the Russian-speaking Qilin group, aiming to exert pressure on the South Korean financial market.