The Reveal Platform
Intel Name: #stopransomware: interlock
Date of Scan: July 23, 2025
Impact: High
Summary: Interlock ransomware, active since late September 2024, targets businesses and infrastructure in North America and Europe with financially driven attacks. The FBI notes its use of encryptors for both Windows and Linux, often impacting virtual machines. Initial access methods include drive-by downloads from compromised sites and the ClickFix social engineering tactic. After gaining access, actors perform discovery and lateral movement, employing double extortion by exfiltrating and encrypting data.
