bluelocker
1 incidents
1 countries
1 sectors
ransomware PK Latest: 2026-06-25
Blue Locker is a ransomware operation that encrypts victim files and demands payment for decryption, first publicly observed in October 2021. While its primary motivation is financial extortion, recent activity suggests a possible connection to nation-state interests, particularly concerning attacks against critical infrastructure. The group employs double extortion tactics, exfiltrating sensitive data in addition to encrypting it, to pressure victims into paying. Blue Locker is recognized for its use of a PowerShell-based loader to disable security defenses and its advanced evasion techniques, such as obfuscation of target strings to bypass detection. It has also been referred to as BlueCryptor.
RansomLook pivots
Data, intelligence and external references for cross-checking the actor's ransomware activity.
Target countries (SOCRadar)
American Samoa
Pakistan
Sectors attacked
Energy (1)
Target sectors (SOCRadar)
Energy & Utilities
Manufacturing
Information Services
Finance
Educational Services
HealthCare & Social Assistance
Public Administration
Oil & Gas
Other Information Services
National Security & International Affairs
New URLs detected in IntelTracker