Live Latest activity →
AI

AiLock

Known ransomware group ACTIVE
Currently active

AiLock is a ransomware operation that emerged in early 2025, marketing itself as AI-assisted ransomware using a hybrid ChaCha20/NTRUEncrypt encryption scheme and double-extortion tactics, actively recruiting affiliates and threatening regulatory reporting if ransoms are unpaid.

6

Total Claims

1

Critical

Records Claimed

3

Industries Hit

Active span: Apr 10, 2026 – Jun 4, 2026 · 6 organizations targeted

Currently active
Activity 5.3 Severity 5.0 Sectors 4.6 Tooling 0.0

Actor Threat Profile

Activity Timeline

Peak: Apr 2026 (3)
Apr 2026
LessMore
Jun 2026

Share this profile

Shareable intel card for AiLock

Top Targeted Industries

Business Services 2
Healthcare 1
Consumer Services 1

Tradecraft & Infrastructure

0

Documented tools

0 / 0

MITRE tactics / techniques

1

Known leak sites

Full intelligence profile on ransomware.live →

Targeted Organizations

Groupe Sécurité CLBRestorative Therapies, Inc.Site Design GroupMother's Market & KitchenPremComAlvi Associates

Claims by AiLock

Low

Ransomware Claim: Groupe Sécurité CLB

Groupe Sécurité CLB
AiLock
Ransomware Business Services
Jun 5, 2026
Critical

Ransomware Claim: Restorative Therapies, Inc.

Restorative Therapies, Inc.
AiLock
Ransomware Healthcare
May 29, 2026
Low

Ransomware Claim: Site Design Group

Site Design Group
AiLock
Ransomware Business Services
May 2, 2026
Medium

Ransomware Claim: Mother's Market & Kitchen

Mother's Market & Kitchen
AiLock
Ransomware Consumer Services
Apr 24, 2026
Medium

Ransomware Claim: PremCom

PremCom
AiLock
Ransomware
Apr 23, 2026
Medium

Ransomware Claim: Alvi Associates

Alvi Associates
AiLock
Ransomware
Apr 10, 2026

Never Miss a Critical Alert

CVE advisories, breach reports, and threat intel — delivered daily to your inbox.