Ransomware Roundup - Interlock

SUMMARY :

The Interlock ransomware is a new variant targeting Microsoft Windows and FreeBSD systems. It encrypts files and demands ransom for decryption. The malware has both Windows and FreeBSD versions, using AES-CBC encryption and adding a '.interlock' extension to encrypted files. It excludes certain files and directories from encryption. The ransomware's data leak site lists victims primarily in the United States and Italy, affecting sectors such as education, finance, government, healthcare, and manufacturing. The infection vector is unknown, but a backdoor was found on a victim's machine. The ransomware's TOR site includes sections for home, about, data leak, and help. FortiGuard Labs provides detection and protection against Interlock through various security solutions.

OPENCTI LABELS :

ransomware,encryption,interlock


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Ransomware Roundup - Interlock