• FBI urges users to beware worrying Interlock ransomware attacks

    From TechnologyDaily@1337:1/100 to All on Wed Jul 23 14:30:07 2025
    FBI urges users to beware worrying Interlock ransomware attacks

    Date:
    Wed, 23 Jul 2025 13:25:00 +0000

    Description:
    A financially motivated ransomware group is quickly gaining notoriety and is now on the FBI's radar.

    FULL STORY
    ======================================================================
    • FBI, CISA, HHS, and MS-ISAC issue a joint statement on Interlock
    • They described the group's MO and usual tactics
    • The advisory details mitigation techniques, too

    The Federal Bureau of Investigation (FBI) is urging organizations to beware
    of ransomware attacks from the increasingly notorious Interlock ransomware group.

    In a new security advisory, jointly published with the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Health and Human Services (HHS), and the Multi-State Information Sharing and Analysis Center (MS-ISAC), Interlock was described as a financially-motivated ransomware
    group first spotted in September 2024.

    The group usually targets businesses and critical infrastructure
    organizations in North America and Europe, engaging in the usual double-extortion tactic - stealing data, then encrypting systems to coerce victims into paying. It adds more pressure by threatening to release the
    files on the dark web, too.

    Rich tech stack

    Describing Interlock's methodology, the agencies said they usually gain
    initial access through drive-by downloads from compromised websites, fake browser and security updates, or ClickFix tactics.

    Once initial access is established, the crooks would drop a myriad of tools that would grant them different abilities: PowerShell-based remote access trojans (RAT) for access, Lumma, Berserk, and other keyloggers for credential theft, various registry key modifications for system info gathering, AnyDesk, PuTTY, or ScreenConnect for lateral movement, and CobaltStrike, SystemBC, and others for command-and-control.

    Interlock has developed encryptors for both Windows and Linux, it was further explained, with files getting either a .interlock or a .1nt3rlock extension. The group has no upfront demands; its ransom note only contains a Tor link for negotiations, which are usually capped to 96 hours.
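
    The two extensions above can be used for incident triage. The following is an added example, not code from the advisory or the article: it walks a directory tree, finds files with either extension, and orders affected directories by earliest modification time to approximate how encryption spread. The function names and the sample tree are constructed for illustration.

```python
import os
import tempfile
from collections import defaultdict
from datetime import datetime, timezone

# Extensions named in the article; matched case-insensitively.
INTERLOCK_EXTENSIONS = (".interlock", ".1nt3rlock")

def scan_for_interlock(root):
    """Return {directory: {"count", "earliest", "files"}} for matching files."""
    hits = defaultdict(lambda: {"count": 0, "earliest": None, "files": []})
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            if not name.lower().endswith(INTERLOCK_EXTENSIONS):
                continue
            try:
                # lstat: do not follow symlinks out of the tree being triaged
                mtime = os.lstat(os.path.join(dirpath, name)).st_mtime
            except OSError:
                continue  # file vanished or is unreadable; skip it
            ts = datetime.fromtimestamp(mtime, tz=timezone.utc)
            entry = hits[dirpath]
            entry["count"] += 1
            entry["files"].append(name)
            if entry["earliest"] is None or ts < entry["earliest"]:
                entry["earliest"] = ts
    return dict(hits)

def encryption_timeline(hits):
    """Order affected directories by their earliest hit, oldest first."""
    return sorted((v["earliest"], d, v["count"]) for d, v in hits.items())

def build_sample_tree(root):
    """Constructed sample data: empty files, some with the listed extensions."""
    layout = {"finance": ["q1.xlsx.interlock", "q2.xlsx.INTERLOCK", "notes.txt"],
              "hr": ["staff.db.1nt3rlock"], "clean": ["readme.md"]}
    for i, (sub, names) in enumerate(layout.items()):
        os.makedirs(os.path.join(root, sub))
        for name in names:
            p = os.path.join(root, sub, name)
            open(p, "w").close()
            os.utime(p, (1_700_000_000 + i * 3600,) * 2)  # constructed mtimes

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for when, directory, count in encryption_timeline(scan_for_interlock(tmp)):
            print(when.isoformat(), count, directory)
```

    Modification times can be altered and only approximate when encryption occurred, so treat the ordering as a starting point to correlate with EDR and log data.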

    The FBI also said that it spotted some overlaps with another ransomware group called Rhysida, suggesting potential team-ups, or simply using the same infrastructure.

    To defend against Interlock, FBI and friends recommend businesses patch their systems and software, use DNS filtering and web firewalls, enforce multi-factor authentication (MFA) and strong access controls wherever possible, segment their networks to limit spread, and deploy robust EDR
    tools, especially for virtual machines.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/fbi-urges-users-to-beware-worrying-interlock-ransomware-attacks


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)