FBI And CISA Issue Warning About Interlock Ransomware Gang

CISA and the FBI have warned of escalating Interlock ransomware attacks targeting various businesses and critical infrastructure organizations. The group uses a double extortion model: actors encrypt systems after exfiltrating data, which increases pressure on victims to pay the ransom both to get their data decrypted and to prevent it from being leaked.

You can find the warning here: https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-203a

Erich Kron, security awareness advocate at KnowBe4, commented:

“While a fairly new ransomware group, Interlock is working to make a name for themselves. Their use of compromised websites for drive-by malware downloads is not very common in the world of ransomware, but their use of social engineering certainly is. Convincing people to install updates or fixes, really just disguised malware, in ClickFix attacks is not a new concept, as fake updates or antivirus notifications have been around for years.

To counter the threat, organizations need to ensure their employees are aware of the campaigns and are taught to spot them, and that they are aware of the real and legitimate process the organization’s I.T. department uses to install patches or updates so they are not tricked into executing malware. A comprehensive Human Risk Management program is vital when dealing with human-centric attacks such as this, as is a good endpoint protection platform. Patching machines, browsers, and other software can help limit the ability for malware to launch and for bad actors to move around the network or elevate permissions as well.”

Interlock may be new, but they are causing quite the sensation, likely because they have a track record of success, if you want to call it that. You don’t want to be part of their success, which means that you need to do everything you can to make sure that you’re not Interlock’s next victim.
