Incident Date (Estimated & Discovered): August 12, 2025 — ransomware activity attributed to the Qilin group was both executed and identified on this date. [1][2]
Target: Venture Credit Union, a prominent financial services provider in Trinidad and Tobago offering car loans, mortgages, consumer loans, and investment tools. [1][2]
Threat Actor: Qilin, a long-standing Russian-speaking ransomware group first observed in July 2022. Known for using Go-based ransomware and engaging in double-extortion tactics—demanding payments for both decryption and non-disclosure of stolen data. [1][3]
Nature of Attack: The attack is estimated to have occurred and been discovered on 2025-08-12. [1][2]
Detection: Confirmed by ransomware.live, which tracks ransomware group activity. The site lists Venture Credit Union as a Qilin victim with the attack dated and discovered on August 12, 2025. [1]
Global Standing: Qilin emerged as the most dominant ransomware group in Q2 2025, offering pressure-enhancing extortion services such as regulatory complaint preparation, outreach to victims’ customers or employees, and overflow attacks across communication channels. [4]
July Disclosures: In July 2025, Qilin claimed 73 victims—top among ransomware groups—and accounted for 17% of all disclosed attacks that month. [5]
Ecosystem Dynamics: Qilin’s rise coincided with the collapse of major ransomware groups like RansomHub, LockBit, Everest, and BlackLock earlier in 2025, shifting the ransomware landscape. [6]
Ransomware.Live - https://www.ransomware.live/id/dmVudHVyZWNyZWRpdHVuaW9uLmNvbUBxaWxpbg%3D%3D
HookPhish - https://www.hookphish.com/blog/ransomware-group-qilin-hits-venturecreditunion-com/
Wikipedia - https://en.wikipedia.org/wiki/Qilin_(cybercrime_group)
CheckPoint - https://research.checkpoint.com/2025/the-state-of-ransomware-q2-2025/
Cyble - https://cyble.com/blog/ransomware-groups-july-2025-attacks/
Cybereason - https://www.cybereason.com/blog/threat-alert-qilin-seizes-control