[QILIN] – Ransomware Victim: Beta Dyne

AI Generated Summary of the Ransomware Leak Page

On October 16, 2025, a ransomware leak post attributed to the threat group Qilin identifies Beta Dyne as a victim. The page describes Beta Dyne, a United States-based technology company that designs and manufactures electrical equipment for industrial plants, communications, and medical sectors. The description notes the company has over 20 years of experience in the power industry and highlights a broad product line that includes more than 2,400 standard models and more than 300 custom products. The post frames the incident as a data leak rather than a straightforward encryption event, and it lists a Jabber contact (redacted) and a TOX fingerprint, alongside an FTP address that implies additional exfiltration activity. There is no explicit ransom amount stated on the page.

The leak page references a collection of 20 images, which appear to be icons and screenshots illustrating internal documents or related visuals. These assets are hosted on a Tor onion service, with the URLs defanged in this summary. The page excerpt also reveals a redacted Jabber address and a TOX fingerprint, and it mentions an FTP entry that includes credentials, suggesting further access to exfiltrated data. The post date matches October 16, 2025, and in the absence of a separate compromise date, this is treated as the post date. Taken together, the page portrays Beta Dyne as a ransomware victim focusing on data leakage rather than a full-system encryption, consistent with a data-leak/double-extortion claim by the Qilin group.