Water Galura

MITRE

Type:
Unknown

Country:
Unknown

First seen:
Unknown

Details:

[Water Galura](https://attack.mitre.org/groups/G1050) are the operators of the [Qilin](https://attack.mitre.org/software/S1242) Ransomware-as-a-Service (RaaS) who handle payload generation, ransom negotiations, and the publication of stolen data for [Qilin](https://attack.mitre.org/software/S1242) affilates recruited on Russian cybercrime forums. [Water Galura](https://attack.mitre.org/groups/G1050) have been active since at least 2022 and use a double extortion model where they demand payment for providing decryption keys and for refraining from publishing the stolen data to their leak site.(Citation: BushidoToken Qilin RaaS JUN 2024)(Citation: Sophos Qilin MSP APR 2025)

MITRE ATT&CK: View on MITRE

Techniques Used (3)

ID	ATT&CK	Tactics
T1486	Data Encrypted for Impact	-
T1585.001	Social Media Accounts	-
T1657	Financial Theft	-

Aliases (196)

GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER GOLD FEATHER

Related Malware (2)

Qilin
other

Tor
tool

Metadata

ID:	934
Created:	13/01/2026 17:48
Updated:	21/04/2026 16:00