Subj : FBI urges users to beware worrying Interlock ransomware attacks
To : All
From : TechnologyDaily
Date : Wed Jul 23 2025 14:30:07

FBI urges users to beware worrying Interlock ransomware attacks

Date: Wed, 23 Jul 2025 13:25:00 +0000

Description: A financially motivated ransomware group is quickly gaining notoriety and is now on the FBI's radar.

FULL STORY
======================================================================
FBI, CISA, HHS, and MS-ISAC issue a joint statement on Interlock
They described the group's MO and usual tactics
The advisory details mitigation techniques, too

The Federal Bureau of Investigation (FBI) is urging organizations to beware of ransomware attacks from the increasingly notorious Interlock ransomware group.

In a new security advisory, jointly published with the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Health and Human Services (HHS), and the Multi-State Information Sharing and Analysis Center (MS-ISAC), Interlock was described as a financially motivated ransomware group first spotted in September 2024.

The group usually targets businesses and critical infrastructure organizations in North America and Europe, engaging in the usual double-extortion tactic - stealing data, then encrypting systems to coerce victims into paying. It adds more pressure by threatening to release the files on the dark web, too.

Rich tech stack

Describing Interlock's methodology, the agencies said the attackers usually gain initial access through drive-by downloads from compromised websites, fake browser and security updates, or ClickFix tactics.
Once initial access is established, the crooks would drop a myriad of tools that would grant them different abilities: PowerShell-based remote access trojans (RAT) for access, Lumma, Berserk, and other keyloggers for credential theft, various registry key modifications for system info gathering, AnyDesk, PuTTY, or ScreenConnect for lateral movement, and CobaltStrike, SystemBC, and others for command-and-control.

Interlock has developed encryptors for both Windows and Linux, it was further explained, with files getting either a .interlock or a .1nt3rlock extension. The group makes no upfront demands; its ransom note contains only a Tor link for negotiations, which are usually capped at 96 hours.

The FBI also said that it spotted some overlaps with another ransomware group called Rhysida, suggesting potential team-ups, or simply the use of the same infrastructure.

To defend against Interlock, FBI and friends recommend businesses patch their systems and software, use DNS filtering and web firewalls, enforce multi-factor authentication (MFA) and strong access controls wherever possible, segment their networks to limit spread, and deploy robust EDR tools, especially for virtual machines.

======================================================================
Link to news story:
https://www.techradar.com/pro/security/fbi-urges-users-to-beware-worrying-interlock-ransomware-attacks

--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)