BQTlock
(Active)
Aliases
BaqiyatLock
Description
This entry is under construction. However, we have included some details below.
Wave 1 - 1337
13 XMR
decryption for id 1337. Fastest processing time (24h).
Wave 2 - LULZ
26 XMR
decryption for id LULZ Fastest processing time (12h).
Wave 3 - 313
40 XMR
decryption for id 313 Fastest processing time (6h).
Note: Waves change monthly. You can find your ID inside the Ransomware note left on your system. Current prices valid until the end of the month.
Ransomware Type
Crypto-Ransomware
Data Broker
RaaS
Country of Origin
Lebanon
First Seen
Threat Actors
Type
Actor
Individual
Karim Fayad [ZeroDayX]
Alliances & Associations
Type
Alliance/Association
Unaffiliated Claimant
LulzSec
Extortion Links
Medium
Link
Telegram
https://t.me/BQTlock
TOR
http://yywhylvqeqynzik6ibocb53o2nat7lmzn5ynjpar3stndzcgmy6dkgid.onion
Twitter | X
https://x.com/zerodayx1
Extortion Types
Decryption Waves
Direct Extortion
Extortion Price Increases
Free Data Leaks
Extortion Amounts
Amount
200XMR($61,124)
500XMR($152,185)
Communication
Medium
Identifier
BreachForums
https://breachforums.is/User-zerodayx1
Telegram
https://t.me/BQTlock_raas
Telegram
https://t.me/Fuch0u
Telegram
https://t.me/liwaamohammad
Telegram
https://t.me/ZeroDayX1
Encryption
Type
Hybrid
Files
AES-256
Key
RSA-4096
Crypto Wallets
Blockchain Type
Crypto Wallet
XMR
89RQN2EUmiX6vL7nTv3viqUAgbDpN4ab329zPCEgbceQJuS233uye4eXtYk3MXAtVoKNMmzgVrxXphLZbJPtearY7QVuApr
File Extension
<file name>.<file extension>.BQTLOCK
Ransom Note Name
READ_ME-NOW_<7-8 random numeric characters>.txt
bqt_icon.ico
Samples (SHA-256)
324eabc27a25f524c94bb62573986b3335ab5181ddc6825d959d16aaaccdc7aa
Known Victims
| Industry Sector | Country | Extortion Date | Amount (USD) |
|---|---|---|---|
| Memberships & Unions | United States | 500 XMR($152,185) | |
| Education | United States | 200 XMR($61,124) |
References & Publications
The Cyber Shafarat: DOXX ZeroDayX
The Cyber Shafarat: Launch of our cyber tool: BaqiyatLock (BQTLock Ransomware)
Twitter | X: ZeroDayX1 - BQTlock is just warming up