Ailock
Compare
Parsing: enabled
Known RaaS
Description
AiLock is a Ransomware-as-a-Service (RaaS) group first identified in March 2025. It employs a double-extortion approach—encrypting files and threatening to report breaches to regulators or share stolen data with competitors if the ransom isn’t paid. Victims have just 72 hours to respond and up to five days to pay; failure to pay results in data leaks and destruction of recovery tools. The ransomware appends the extension .AiLock to encrypted files, changes file icons to a green padlock with the “AiLock” name, and replaces the desktop wallpaper with a distinctive robot-skull logo. It employs a hybrid encryption scheme, combining ChaCha20 for file encryption with NTRUEncrypt for securing metadata, and uses a multi-threaded design (path-traversal and encryption threads with IOCP) for efficiency. While active campaigns and leak sites are confirmed, specific sectors, regions, and intrusion methods remain undisclosed in public sources.
External Analysis4
| External Analysis |
|---|
| https://www.fortra.com/blog/ailock-ransomware |
| https://gbhackers.com/ailock-ransomware-emerges-with-hybrid-encryption-tactics/ |
| https://medium.com/s2wblog/detailed-analysis-of-ailock-ransomware-1d3263beff15 |
| https://s2w.inc/en/resource/detail/871 |
Ransom notes1
Urls1
| Url | ||||
|---|---|---|---|---|
| http://dhnsppqjaaa22lsqxl2tfhji4ca43743kubltnodvsft3hkvai77p6ad.onion/ | Up |
|
File servers39
| Url | ||||
|---|---|---|---|---|
| http://vnsggttwhcofyeh3nxoynxtg5mk5xl4cd7e3c4x62aqb2rj4rfjh3eqd.onion | Up |
|
||
| http://qvqoau7353xe7wm3z6fzxn33q63ck7cys56wsbx25c22fnxyu4fzhnyd.onion/ | Up |
|
||
| http://ejqsesb5cgero35i7ujerpuslbokhuwl3dqgsrg44bzamamccf7fw3ad.onion/ | Up |
|
||
| http://eddo6w66t6t4kribwjbxvtehtsny4g6j2a5gj6pzivivcu5nywhegtqd.onion/pass.html | Up |
|
||
| http://wqse4qzvrtbg5o3evt2eexovcilxpvlsopwvpu7toimx64njqekzuqid.onion/hspass.html | Up |
|
||
| http://pptiuraybrwacfl5v2qmzknenqxwt5eojtbh5cxxejaq3oo4bidkv7id.onion/lwp.html | Up |
|
||
| http://ccpgp25zc37xccprbjr46iurz5c5awhqxltm6xn7nef7dxpsyegwncid.onion/fjuk.html | Up |
|
||
| http://q37z64a4j7455p6zcdxfpqrrgctmd46vaz2uejsqgxbmrcjbd4w3fqid.onion/aephaaghoa.html | Up |
|
||
| http://44ga7x7kicz2bbxaohdfw5iw6j7dgg4kyctwtf4kh6gsxifbah4jv4ad.onion/piehixieru.html | Up |
|
||
| http://b26gczu5dbhaovnkp5c3ef3vdphqxj64z4nwzvfdabplbptgp56gsdyd.onion/ohtohcho.html | Up |
|
||
| http://x7ghos27bltjtfombanecwgynfk4jw53ewkhzfnb5f27qmuquxwzhyad.onion/ | Up |
|
||
| http://x7ghos27bltjtfombanecwgynfk4jw53ewkhzfnb5f27qmuquxwzhyad.onion/elo.lst.zip | Down | |||
| http://epnsv5xaxnrks5yliq5wlthbmdlidkjddon3rx5llftx4ueiwfzdx6ad.onion/iviilumu.html | Up |
|
||
| http://to3odzfolkvhkj3jf5oo3qq5hvdycy5n5n6bi564yrxdgavnwv5znjqd.onion/eishohzu.html | Up |
|
||
| http://qcncet2rpvs3t5lnvuzzth3vbro46snkylgyqx3igdnb5bv324nzojqd.onion/tiohaedai.html | Up |
|
||
| http://woed7o3il2jrxzczupntvhutc2ogs5otn6ekgoya6qo33qcuhomkhwad.onion/goolooqu.html | Up |
|
||
| http://27kmvzlfn3dpb6s4zq3qknqpcbrk5qzhwmg5awhjmu3m2okgpd4pgrid.onion/oozooree.html | Up |
|
||
| http://s5v5hvtk3oyxg3m6afgxeuwlasqku3adeosv7kwwjfvhf22vqiwotrqd.onion/ardlaw.zip | Down |
|
||
| http://tsz2oqrfnyik3vtcx5rzubfuam3n5kapvkkagqr7yzxdxvdhehjxghqd.onion/demanor.lst.zip | Down | |||
| http://s5v5hvtk3oyxg3m6afgxeuwlasqku3adeosv7kwwjfvhf22vqiwotrqd.onion/ | Up |
|
||
| http://mbqmgrf2kvabejqmoh4kl5tw5fko5pphzmmlbxhgjp5ar5ret7qpobad.onion/ | Up |
|
||
| http://tgyvw6pui3apxlezhiht5ubcmbm6fzn5klh2fi6qcqbvqhhfkyhnejad.onion/ | Up |
|
||
| http://dwwnfgp43qjp5cy7n3ab6g5ubdxk4jkma37oykt6loeet7cyadtty5qd.onion/ | Up |
|
||
| http://fgx4uh7pzf4xr7k56opyfsy7qmg64xisiv5scgcadaddur7qiv6t3yyd.onion/ | Up |
|
||
| http://46vfmzfh3uxc3ojn6z267jmiytfhxzq4x7vvnqtycu5wa6hh3jl2hjyd.onion/ | Up |
|
||
| http://tsz2oqrfnyik3vtcx5rzubfuam3n5kapvkkagqr7yzxdxvdhehjxghqd.onion/ | Up |
|
||
| http://27kmvzlfn3dpb6s4zq3qknqpcbrk5qzhwmg5awhjmu3m2okgpd4pgrid.onion/ | Up |
|
||
| http://woed7o3il2jrxzczupntvhutc2ogs5otn6ekgoya6qo33qcuhomkhwad.onion/ | Up |
|
||
| http://igf7rlhjtvitxh72suhb55hqic67pvphbqikkrqqilzj3drhirglziyd.onion/ | Up |
|
||
| http://qcncet2rpvs3t5lnvuzzth3vbro46snkylgyqx3igdnb5bv324nzojqd.onion/ | Up |
|
||
| http://to3odzfolkvhkj3jf5oo3qq5hvdycy5n5n6bi564yrxdgavnwv5znjqd.onion/ | Up |
|
||
| http://epnsv5xaxnrks5yliq5wlthbmdlidkjddon3rx5llftx4ueiwfzdx6ad.onion/ | Up |
|
||
| http://b26gczu5dbhaovnkp5c3ef3vdphqxj64z4nwzvfdabplbptgp56gsdyd.onion/ | Up |
|
||
| http://44ga7x7kicz2bbxaohdfw5iw6j7dgg4kyctwtf4kh6gsxifbah4jv4ad.onion/ | Up |
|
||
| http://q37z64a4j7455p6zcdxfpqrrgctmd46vaz2uejsqgxbmrcjbd4w3fqid.onion/ | Up |
|
||
| http://ccpgp25zc37xccprbjr46iurz5c5awhqxltm6xn7nef7dxpsyegwncid.onion/ | Up |
|
||
| http://pptiuraybrwacfl5v2qmzknenqxwt5eojtbh5cxxejaq3oo4bidkv7id.onion/ | Up |
|
||
| http://wqse4qzvrtbg5o3evt2eexovcilxpvlsopwvpu7toimx64njqekzuqid.onion/ | Up |
|
||
| http://eddo6w66t6t4kribwjbxvtehtsny4g6j2a5gj6pzivivcu5nywhegtqd.onion/ | Up |
|
Chat servers1
| Url | ||||
|---|---|---|---|---|
| http://jaawqs6wu56n2adj7qrjg25dhcux2nislvjouffpzldj23e4y72akoid.onion | Down |
|
Activity (interactive) 26
Posts26
| Date | Title | Description | Screen |
|---|---|---|---|
| Berning & Söhne GmbH | |||
| Piet Vijverberg | |||
| Solutions Extreme Technology | |||
| England Hockey | |||
| Johnson Vollmerhausen & Gates | |||
| Netwerk NV | |||
| Eeyou Communications Network | |||
| Transsion | |||
| Demanor | Date: Coming soon Demanor AS specializes in providing customized goods lifts and lifting machines tailored to the specific needs and conditions of their clients. | Screen | |
| Aaronson Rappaport Feinstein & Deutsch | Date: Coming soon Aaronson Rappaport Feinstein and Deutsch, LLP is a New York-based law firm that specializes in providing legal services across various practice areas, including medical malpractice, construction litigation, and product liability. | Screen | |
| Dallas Regional Chamber | Date: 2026-01-24 The Dallas Regional Chamber is a prominent business organization known for its role as the economic growth champion and business voice of the Dallas region. It focuses on priorities such as economic development, education, public policy, and quality of life. | Screen | |
| ShopBot Tools | Date: 2026-01-16 ShopBot Tools is a leading manufacturer of high-quality CNC routers, designed for machining various materials including wood, plastic, and aluminum. | Screen | |
| Navicore Solutions | Date: 2026-01-11 Navicore Solutions strengthens the well-being of individuals and families through education, guidance, advocacy and support. | Screen | |
| Professional Retail Outlet Services | Date: 2026-01-09 PROS specializes in facilities management and maintenance services for specialty retail chains, boasting 20 years of experience. | Screen | |
| S&R Compression, LLC | Date: 2026-01-10 S&R Compression is an oil & energy company offering compression and vapor recovery services. | Screen | |
| Emanuelson-Podas | Date: 2026-01-10 Emanuelson-Podas, Inc. is a mechanical, electrical, and plumbing engineering firm that specializes in creating innovative building system solutions. | Screen | |
| ELO Digital Office | Date: Coming soon ELO Digital Office, founded in 1996 and headquartered in Stuggart, Germany, is a provider of enterprise content management systems and develops software solutions to digitize business processes. | Screen | |
| Promotion Management Center | Date: 2025-10-14 Founded in 1983, Promotion Management Center, Inc. (PMC) provides fulfillment services. The company specializes in customer incentives, loyalty rewards, employee recognition awards, rebates and third party logistics (3PL) orders your programs generate. | Screen | |
| Sterling Industries | Date: 2025-10-11 Sterling Industries is a North American-based contract manufacturer and assembler of medical devices and sub-components. | Screen | |
| Raw Seafoods | Date: 2025-07-24 Raw Seafoods, Inc. is a family owned and operated company in Fall River, Massachusetts dedicated to providing our customers with exceptional products, and service. We specialize in fresh and frozen scallops, fish and value-added food solutions. | Screen | |
| FUJIFILM Speciality Ink Systems | Date: 2025-07-21 FUJIFILM Speciality Ink Systems Ltd is a company that operates in the Chemicals & Related Products industry. The company is headquartered in Saint Peters, Kent, United Kingdom. | Screen | |
| Lewis Drug | Date: 2025-07-06 Founded in 1942, Lewis Drug owns and operates a chain of drug and pharmacy stores. It provides prescription and non-prescription drugs. | Screen | |
| HomeSite Services | HomeSite Services Inc., a residential, commercial and retail services company, was founded in 2005 with three goals in mind: to perform superior work, offer quality products, and provide our clients with unbeatable service. | Screen | |
| Revival Animal Health | Revival Animal Health was founded in 1989 by Dr. Roy Nielsen, Jr., affectionately known as "Doc Roy." Quickly the company expanded from pet vaccines to an extensive line of pet healthcare products. | Screen | |
| AJ Networks | AJ Networks Co. Ltd is a company that operates in the Other Rental Stores (Furniture, A/V, Construction & Industrial Equipment) industry. It employs 500to999 people and has 500Mto1G of revenue. The company is headquartered in Seoul, South Korea. | Screen | |
| Integral Analytics | Integral Analytics specializes in data intelligence solutions for the energy sector, focusing on improving planning and forecasting for utilities, producers, manufacturers, and regulators. Their flagship products include LoadSEER, DSMore, and IDROP, which assist in energy efficiency, demand response, and distributed energy resource management. | Screen |
