The Qilin ransomware group has claimed the attack on Japanese beer giant Asahi by adding the company to the list of victims on its data leak site.
The threat actor claims to have exfiltrated more than 9,300 files in 27GB of data. As proof of the theft, the hackers published 29 images showing internal financial documents, employee IDs, as well as confidential contracts and internal reports.
Asahi is Japan’s largest brewing company, with 30,000 employees, an annual production of 100 million hectoliters, a yearly revenue of $20 billion.
On September 29th, the company suspended operations at six Japan-based facilities due to a cyberattack.
On October 3rd, the company confirmed that the disruption was caused by a ransomware attack on its systems and the subsequent investigation found evidence of data exfiltration.
At the time, no ransomware groups claimed the attack publicly. However, the Qilin gang published the company on their data leak site, likely after failing to negotiate a ransom with the company.
Qilin ransomware announcing Asahi
Source: BleepingComputer
Qilin ransomware emerged in 2023 and is a multi-platform threat that has previously been linked to Scattered Spider and, more recently, to North Korean hackers.
The group is infamous for exploiting critical flaws in edge network devices, deploying credential theft tools, and continually advancing their encryptor.
... continue reading