Bqtlock
| RaaS
BQTLock is a ransomware-as-a-service operation that emerged in 2025, using AES-256/RSA-4096 encryption with Monero payment demands, linked to pro-Palestinian hacktivist networks and targeting organizations with wave-based campaigns with 48-hour ransom deadlines.
Victims
5
First Discovered
2025-07-31
victim
Last Discovered
2025-10-11
victim
Inactive Since
214
days
Avg Delay
N/A
attack→claim
Infostealer
0.0%
victims with domain
Countries
2
hit
Attack Velocity — Last 12 months
Known Locations (1)
| Favicon | Title | Type | Available | Last Visit | Server Info | FQDN | |
|---|---|---|---|---|---|---|---|
|
BQTlock :: RaaS & Decryption Portal | No | 2026-04-28T07:23:01 |
yywhylvqeqynzik6ibocb53o2nat7lmzn5ynjpar3stndzcgmy6dkgid.onion
|
Target
Top 5 Activity Sectors
- Technology 2
- Consumer Services 1
- Education 1
- Public Sector 1
Top 5 Countries
-
United Arab Emirates
2
-
United States
2
Heatmap
YARA Rules (1)
Indicators of Compromise (IoCs) (7)
XMR Wallet
1
telegram
5
twitter
1
| Type | IOC |
|---|---|
XMR Wallet
|
89RQN2EUmiX6vL7nTv3viqUAgbDpN4ab329zPCEgbceQJuS233uye4eXtYk3MXAtVoKNMmzgVrxXphLZbJPtearY7QVuApr
|
telegram
|
https://t.me/BQTlock
|
telegram
|
https://t.me/BQTlock_raas
|
telegram
|
https://t.me/Fuch0u
|
telegram
|
https://t.me/ZeroDayX1
|
telegram
|
https://t.me/liwaamohammad
|
twitter
|
https://x.com/zerodayx1
|
Victims (5)
www.bizoneo.com www.bizosoft.eum eeting.wandsoft.com dataprotectionact.ie bizoneo.com www.bizoneo.eu…
isabrd.com, varsityo.com, letterwinner.com, whoglue.net, whoglue.com, whoware.com, mail.usna87.c…