Berman Law Group Faces Ransomware Threat from Qilin

Incident Date: Nov 20, 2024

Attack Overview

Victim: Berman Law Group
Industry: Law Firms & Legal Services
Location: USA
Attacker: Qilin
First Reported: November 20, 2024

Ransomware Attack on Berman Law Group by Qilin

The Berman Law Group, a prominent legal firm based in Boca Raton, Florida, specializing in personal injury, civil rights, and criminal defense, has fallen victim to a ransomware attack orchestrated by the Qilin group. This mid-sized firm, employing between 51 and 200 individuals, is known for its client-centered approach and advocacy in legal services across multiple Florida locations.

Attack Overview

The attack was discovered on November 21, with Qilin demanding a ransom within 48 hours. The threat actor claimed to have exfiltrated 400 GB of sensitive data, including client and financial files, threatening to release this information on their dark web leak site if the ransom was not paid. This incident highlights the vulnerabilities faced by legal firms, which often handle sensitive client data, making them attractive targets for ransomware groups.

About the Qilin Ransomware Group

Qilin, also known as Agenda, is a Ransomware-as-a-Service (RaaS) group that emerged in July 2022. Known for its sophisticated ransomware tools, Qilin employs a double extortion strategy, encrypting data and threatening to leak it if ransoms are not paid. The group is affiliated with Russian-speaking actors and recruits affiliates through underground forums, allowing them to target large enterprises across various sectors.

Penetration and Distinctive Tactics

Qilin's ransomware is highly customizable, initially developed in Golang and later rewritten in Rust to enhance evasion capabilities. The group typically gains access through spear phishing and exploiting vulnerabilities in systems like Citrix ADC and VMware ESXi. Their focus on cross-platform adaptability allows them to target Windows, Linux, and VMware environments effectively. The attack on Berman Law Group likely involved exploiting these vulnerabilities, given the firm's reliance on digital infrastructure to manage client data and legal processes.

The Berman Law Group's commitment to personalized legal services and its reputation in the legal industry make it a significant target for cybercriminals seeking to exploit sensitive information for financial gain. This attack underscores the ongoing threat posed by ransomware groups like Qilin, which continue to evolve their tactics to bypass security measures and pressure victims into compliance.
