Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
A New Zealand-based civil engineering and construction firm has suffered an alleged cyber attack at the hands of a prolific hacking group.
Based in Orewa, in the north island of New Zealand, Hopper Developments specialises in property development, with over 70 years of experience in that field.
The company was listed on the dark web leak site of the Qilin ransomware gang this week, indicating claims of a cyber attack.
In standard fashion for the group, Qilin did not disclose any details of the incident; however, one potential buyer for the data has already expressed interest.
“What info you got?” said a commenter on the page.
As per its standard ransom note, Qilin said it will publish full data leaks “unless a company representative contacts us via the channels provided.”
Cyber Daily has reached out to Hopper Developments for more information.
Who is Qilin?
The Qilin ransomware-as-a-service (RaaS) operation was first observed in August 2022 and has claimed 1,209 victims since, making it one of the most active ransomware groups currently in operation.
As a RaaS provider, Qilin hires out its ransomware to affiliates in return for a cut of any ransom payment.
The group has been massively active in 2025, with 11 Australian victims for the year, making cyber attacks against Australia an almost monthly occurrence on average.
The US is the group’s biggest target, with 356 victims listed for the year, over a quarter of its total victims to date.
Most recently, Qilin listed B dynamic Logistics, an Australian logistics firm based in Kemps Creek, NSW, on its dark web leak site.
The company told Cyber Daily it was taking the claims seriously and was currently investigating the threat actors’ claims.
“B dynamic Logistics is aware of the situation, and we are currently investigating the matter with support from our IT staff,” Suranthe de Silva, B dynamic Logistics’ chief information officer, told Cyber Daily.
“As this investigation is ongoing, we are unable to provide specific details at this stage.”
However, the company confirmed that it has activated its internal cyber incident response procedures and is actively “assessing the claims made online and verifying their legitimacy”.
“We are taking steps to ensure the security and continuity of our operations,” de Silva said.
“We will also engage with the appropriate authorities and will provide any required notifications in accordance with Australian regulatory obligations.
“As the investigation is still in progress, and we do not want to compromise evidence or the integrity of our response, we are not yet in a position to answer detailed questions regarding timing, scope, or potential data impact. We will share further information with staff, clients, and stakeholders as soon as it is appropriate to do so.”
Be the first to hear the latest developments in the cyber industry.
