A Sydney Steel Company Caught in a Cyber Nightmare
An Australian steel galvanising company, Galvatech, has become the latest target of a cybercrime group known as Qilin. Based in Padstow, a suburb in Sydney, Galvatech provides specialised steel coating services used in construction and manufacturing across the country.
On April 9, Qilin claimed responsibility for a cyberattack on the company and announced it had stolen 11 gigabytes of data from Galvatech’s internal systems. That’s a huge amount of information—over 23,000 files in total.
The news came out when the hackers posted about the attack on their darknet website. They included samples of the stolen data to prove the hack was real. The leaked documents included emails, cost reports, store receipts, and a training file with employee signatures.
The hackers haven’t said how much ransom they want or when they will release the full stolen data. However, their post has already caught attention. In just a few days, the page with Galvatech’s name and data has been viewed over 4,500 times.
Who Is Behind the Attack?
The group behind this cyberattack calls itself Qilin, named after a mythical creature from Chinese folklore. However, people tracking cybercrime say the group often uses the Russian language when talking on hacker websites.
Qilin has been active since August 2022 and has reportedly attacked between 300 and 500 companies since then. It is now considered one of the 10 most active ransomware groups in the world, based on data from cybersecurity experts.
Cyberattack Catastrophe: How Hackers Can Endanger Human Lives ?
This group uses a cyberattack called “double extortion.” First, they lock or encrypt a company’s files. This makes it impossible for the business to access its own data. Then, they demand money to unlock the files. But that’s not all. Qilin also threatens to release or sell the stolen data online if the company doesn’t pay. This puts pressure on businesses. They risk losing both their data and their reputation.
Qilin’s software is built using a programming language called Golang. This language is known for being powerful and flexible, which makes their ransomware especially dangerous and hard to block.
A Pattern of Attacks Across the Region
This isn’t the first time Qilin has attacked businesses and organisations in the Asia-Pacific region. The group has been especially active in recent months.
In January 2025, Qilin claimed responsibility for hacking an Australian freight company called Globelink International. Just a month later, in February, it reportedly targeted the Ministry of Health and Human Services in the small island nation of Palau.
Qilin’s biggest known attack was on Synnovis Group, a pathology service in the UK. It happened in June 2024. The attack caused chaos in five hospitals in London. Medical tests were postponed, and some patient procedures were delayed. Authorities called it a critical incident. This shows how serious a ransomware attack can be.
How Cyber Attacks on Industrial Control Systems Can Endanger Lives ?
Now, with Galvatech’s name added to their growing list of victims, Qilin has once again made headlines. The hackers appear to be targeting a wide range of industries—from freight to healthcare, and now steel manufacturing.
The attack on Galvatech serves as a reminder that cybercriminals are not slowing down—and any company connected to the internet can be a potential target.
