嗯,用户让我总结一篇文章,控制在一百个字以内,而且不需要用“文章内容总结”这样的开头。首先,我得仔细阅读这篇文章,了解主要内容。 文章讲的是Qilin勒索软件团伙声称入侵了德国左翼政党Die Linke,并威胁要泄露数据。Die Linke已经确认了这次事件,但没有承认数据被盗。他们采取了措施限制损害,并与当局和IT专家合作恢复系统。 接下来,我需要提取关键信息:Qilin团伙、入侵Die Linke、威胁泄露数据、Die Linke确认事件但未承认数据被盗、攻击未影响会员数据库、Qilin活跃于2022年至今,每月攻击40多个目标,使用双重勒索策略。 然后,我要把这些信息浓缩到100字以内,确保涵盖主要点:入侵、威胁、确认事件、未影响会员数据、Qilin的活动情况和策略。 最后,检查语言是否简洁明了,避免冗余词汇。确保所有重要信息都被涵盖,并且符合用户的要求。 </think> Qilin 勒索软件团伙声称入侵德国左翼政党 Die Linke 并威胁泄露数据。该党确认事件但未承认数据被盗,攻击未影响会员数据库。Qilin 自 2022 年活跃,每月攻击超 40 个目标,使用双重勒索策略。 2026-4-4 17:37:56 Author: securityaffairs.com(查看原文) 阅读量:9 收藏
Qilin ransomware group claims the hack of German political party Die Linke
Qilin ransomware claims it stole data from Germany’s Die Linke and threatens to leak it; the party confirmed the incident, but not a breach.
The Qilin ransomware group claims it stole data from Die Linke, a German political party, and is threatening to release it.
Die Linke is a left-wing political party in Germany. Its name means “The Left”, and it promotes policies focused on social justice, workers’ rights, and reducing economic inequality. Founded in 2007, it emerged from a merger of earlier leftist groups, including parties with roots in former East Germany.
The party disclosed the cyber incident on March 27, one day after the attack, but did not confirm whether threat actors had stolen data.
The party discovered the cyberattack on Thursday and immediately took parts of its IT systems offline to limit damage. It informed staff, alerted authorities, and promptly filed a criminal complaint.
As of the latest official data, Die Linke has about 123,126 members (end of 2025).
“According to current information, the perpetrators aim to publish sensitive data from within the party organization, as well as personal information of employees at party headquarters. It is impossible to assess whether and to what extent this will succeed or has already occurred. However, a corresponding risk exists.” reads a press release published by the German Party. “The party’s membership database was not affected. The perpetrators did not succeed in stealing any member data.”
The party confirmed that attackers did not access its membership database or steal member data. It linked the incident to the Qilin ransomware group, a Russian-speaking cybercrime organization that may pursue financial and political goals.
The party is taking rapid action to limit damage, working with authorities and IT experts to restore systems and resume normal operations as quickly as possible.
On April 1, Qilin announced the attack on Die Linke and added the party to its Tor data leak site, but shared no samples as proof of the breach.
Qilin ransomware operation has been active since 2022, it has become one of the most active RaaS groups in 2025, claiming over 40 victims monthly and peaking at 100 in June.
The group enables affiliates to deploy customized ransomware payloads against targeted organizations. Qilin uses double-extortion tactics, encrypting data while threatening to leak it via Tor-based portals. The group has targeted multiple sectors worldwide, including healthcare, manufacturing, and finance, leveraging phishing and known vulnerabilities.
In October 2025, Resecurity’s researchers detailed how the Qilin RaaS group relies on global bulletproof hosting networks to support its extortion operations.
In early October, DragonForce, LockBit, and Qilin formed a ransomware alliance to boost attack effectiveness, marking a major shift in the cyber threat landscape. Ransomware groups DragonForce, LockBit, and Qilin formed a strategic alliance to enhance their attack capabilities, signaling an evolving cyber threat landscape. The alliance aims at sharing tools and infrastructure to enhance attack effectiveness.
At the end of March, Qilin Ransomware group allegedly breached the chemical manufacturing giant Dow Inc.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, ransomware)
如有侵权请联系:admin#unsafe.sh