Europol has issued a critical warning to the public and cybersecurity community, confirming that a widely circulated message offering a $50,000 reward for information on the Qilin ransomware group is a complete fabrication. The fraudulent message, which rapidly spread across a newly created Telegram channel, was a sophisticated social engineering ruse designed to deceive researchers and journalists.
The deceptive post, which appeared on a Telegram account named “@europolcti,” falsely claimed that Europol was seeking information on two senior Qilin administrators known by the aliases “Haise” and “XORacle.” The message stated that the reward would be granted for details top to the identification or location of these individuals, playing on the established practice of law enforcement agencies offering bounties for high-profile cybercriminals.
However, Europol has officially denied the message’s authenticity. In a public statement, the agency clarified that it does not operate any official Telegram channels and that the message did not originate from its verified social media accounts, which are limited to platforms like Instagram, LinkedIn, X, Bluesky, YouTube, and Facebook.
The perpetrator behind the scam appears to have intentionally set out to prove how easily such misinformation could spread. In a subsequent post on the same channel, a user calling themselves “Rey” gloated about the ease with which they were able to “fool so called ‘Researchers’ and ‘Journalists’ that just copy stuff.”
This incident underscores the pervasive threat of misinformation in the digital age, particularly in the realm of cybersecurity, where the lines between legitimate news and sophisticated scams can be blurred. While the $50,000 reward was a hoax, the threat posed by the Qilin ransomware group is very real. Known as a Ransomware-as-a-Service (RaaS) operation, Qilin has been linked to numerous attacks on critical infrastructure and businesses worldwide, causing significant financial losses and, in some cases, severe service disruptions, as seen in a recent attack against a UK health provider.
Europol urges individuals to verify information directly through official sources and to be wary of unverified claims, especially those distributed on unofficial social media channels.
