A Giant Company Under Threat
SK Group, one of South Korea’s biggest companies, has become the latest victim of a dangerous cyberattack. A ransomware group called Qilin says it stole 1 terabyte of data from SK Group. Early Thursday morning, the group posted a message on its dark web site. They said they took the files and will leak them if SK Group doesn’t contact them within 48 hours.
So far, the hackers have not shared any sample of the stolen information, which means there is still no clear proof of what exactly they took. But their post was loud and clear: either SK Group reaches out to them, or they’ll publish everything they have.
SK Group is a very big company. It runs over 260 businesses around the world. These include energy, phones, medicine, electric car batteries, and computer chips. It is the second biggest family-owned company in South Korea, after Samsung. SK Group has more than 80,000 workers worldwide. It also operates in over 20 U.S. states. This makes it a big target for cybercriminals.
Cybernews, a tech news outlet, has reached out to SK Group for a comment, but at the time of writing, no reply has been made public.
Who is Qilin?
Qilin is a ransomware gang. It has been in the news a lot lately. Experts think the group speaks Russian. They work under a model called “Ransomware-as-a-Service,” or RaaS. This means they make hacking software. Then, they let others use it to attack companies. In return, Qilin takes a share of the ransom money.
They use a nasty technique called double extortion. First, they lock up a company’s data so the company can’t access it. Then, they steal the data and threaten to leak it if a ransom is not paid—so the company is blackmailed twice.
How Cyber Attacks on Industrial Control Systems Can Endanger Lives ?
Qilin has been busy in 2025. They’ve attacked at least 68 victims in just the last month, placing them among the top five most active ransomware groups. Their targets include hospitals, schools, media companies, and now SK Group. Earlier this year, they hacked Lee Enterprises, a major U.S. newspaper company. They also attacked hospitals in Japan and even shut down some services in London hospitals last year when they hit a medical lab.
In one of their worst attacks, they targeted a cancer center in Japan, exposed sensitive health information for 300,000 patients, and rendered the hospital systems unusable. And in 2024, they allegedly demanded $50 million after attacking a UK health service partner.
How They Break In
Qilin has become more advanced over time. At first, they used phishing emails to trick people—sending messages that looked real but were designed to steal passwords or install harmful software. But now, they’ve started using even smarter methods.
According to researchers, they’ve been stealing saved passwords from web browsers like Google Chrome. They also know how to sneak past or even turn off security programs that companies use to protect their systems. This makes them harder to stop.
One serious way they’ve been breaking in is by using a dangerous flaw in a computer tool called Citrix, which many businesses use. This flaw, known as “Citrix Bleed,” was discovered and fixed in 2023, but not all companies updated their systems. That left the door open for hackers like Qilin to slip in.
Cyber Attacks on Connected Cars
Hackers developed the ransomware software Qilin.B using the Rust programming language, designing it so others can easily customize and use it in their own attacks. This helps Qilin spread their reach even further.
