Europol warns that the $50,000 Qilin reward is fake

Reports claiming Europol offers a bounty for Qilin suspects are false, the agency said, stressing that it has no Telegram channel.
Europol confirmed that a $50,000 reward for Qilin ransomware members circulating on Telegram is a scam, highlighting ongoing disinformation in cybercrime circles.

Europol has warned that a reported $50,000 reward for information on two members of the Qilin ransomware group is fake. The message, circulating on Telegram, claimed the suspects, known as Haise and XORacle, coordinate affiliates and manage extortion operations.

Europol clarified that it does not operate a Telegram channel and that the message does not originate from its official accounts, which are active on Instagram, LinkedIn, X, Bluesky, YouTube, and Facebook.

Qilin, also known as Agenda, has been active since 2022 and, in 2025, listed over 400 victims on its leak website, including media and pharmaceutical companies.

Recent attacks, such as the one targeting Inotiv, demonstrate the group’s ongoing threat. Analysts note that cybercriminals often circulate false claims to undermine competitors, mislead affiliates, or sow distrust within rival gangs.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!