August 15, 2025 By Pierluigi Paganini
Blue Locker ransomware hits Pakistan’s oil & gas sector, severely impacting Pakistan Petroleum; NCERT warns ministries of severe ongoing risk.
This week Pakistan’s National Cyber Emergency Response Team (NCERT – National CERT – Pakistan) has issued an advisory to 39 key ministries and institutions and warned them of a “severe risk” posed by the ongoing ‘Blue Locker’ attacks.
Resecurity has acquired binary samples of the “Blue Locker” ransomware and conducted a reverse engineering analysis to raise awareness within the cybersecurity community and to equip network defenders with additional insights about this activity.
Notably, the malicious cyber activity took place in close proximity to the celebration of Pakistan’s Independence Day, one of the key national holidays, which is celebrated annually on August 14. This ransomware attack could be considered significant, as it targeted major enterprise in the country’s oil and gas sector, Pakistan Petroleum Limited (PPL).
