"The remote endpoints it attempted to contact included several TryCloudflare domains as well as direct IP addresses.
The logic would rotate through the various servers until an online host was found. The malware in this case took 15 minutes to establish a successful connection to an online endpoint at hxxp://bristol-weed-martin-know[.]trycloudflare[.]com/init1234."
The above is from a recent Private Threat Brief: "Interlock-Linked Threat Actor Gains Access via Fake Teams ClickFix Lure"
Interested in receiving reports like this one? Contact us for a demo or pricing - https://thedfirreport.com/contact/
Interlock ransomware: what you need to know - "We don’t just want payment; we want accountability." The malicious hackers behind the I... https://www.tripwire.com/state-of-security/interlock-ransomware-what-you-need-know #ransomware #databreach #guestblog #interlock #clickfix #malware
How #Interlock #Ransomware Affects the Defense Industrial Base Supply Chain
https://securityaffairs.com/177792/malware/how-interlock-ransomware-affects-the-defense-industrial-base-supply-chain.html
#securityaffairs #hacking
@amvinfe @douglevin @funnymonkey
A few weeks ago, #InterLock leaked a lot of data allegedly from Madison School District, which is also in Phoenix, AZ.
I wonder if there was some common vendor between Madison and Fowler or some common denominator.
I didn't spot any statement or #databreach disclosure on Madison's site or Twitter account.
The Fowler Elementary School District, located in Phoenix, Arizona, has reportedly fallen victim to a cyberattack involving what may be a substantial volume of sensitive data. The incident was claimed by the Interlock ransomware group, which published its announcement on May 3, 2025, through a post on its blog hosted within the Tor network.
@PogoWasRight @douglevin @funnymonkey
#Interlock #FESD #Infosec #Data_Breach #Ransomware
#Interlock #ransomware gang started leaking data allegedly stolen from leading kidney dialysis firm DaVita
https://securityaffairs.com/176946/cyber-crime/interlock-ransomware-gang-started-leaking-data-allegedly-stolen-from-leading-kidney-dialysis-firm-davita.html
#securityaffairs #hacking #malware
Updating an incident:
The InterLock ransomware gang has claimed responsibility for the DaVita attack. They claim to have exfiltrated 1,510 GB of data, 683,104 files, and 75,836 folders, and have leaked the file tree and some folder information.
Since the appearance of the #Interlock ransomware, the Sekoia #TDR team observed its operators evolving, improving their toolset (#LummaStealer and #BerserkStealer), and leveraging new techniques such as #ClickFix to deploy the ransomware payload.
https://blog.sekoia.io/interlock-ransomware-evolving-under-the-radar/
@PC_Fluesterer (2/2)
For a deeper understanding of these attacks, further reading is recommended. Please inspect the additional reading links appended here:
https://www.loginsoft.com/post/the-rise-of-interlock-ransomware
https://www.moxfive.com/resources/moxfive-threat-actor-spotlight-interlock-ransomware
@PC_Fluesterer #Interlock #ransomware specifically targets VMware's ESXi hypervisors, installed with #FreeBSD inside the VMs, exploiting vulnerabilities to attack virtual environments. By compromising virtual machines (VMs), it can encrypt critical data and modify root passwords on ESXi hosts, effectively disrupting operations. The malware often leverages malicious DLLs in the tampered scheduler to facilitate its attacks on hypervisors, making recovery challenging. (1/2)
The recent rise of Interlock ransomware highlights a critical need for enhanced security standards in our infrastructure!
Targeting FreeBSD servers, this group has already impacted multiple organizations, emphasizing the importance of multi-layered defenses.
Organizations must prioritize security to prevent devastating breaches! Read more here: https://www.techradar.com/pro/security/interlock-ransomware-attacks-highlight-need-for-greater-security-standards-on-critical-infrastructure #CyberSecurity #Ransomware #Interlock #FreeBSD #InfoSec #newz
Trend Micro further said that the threat actors likely created a FreeBSD encryptor as the operating system is commonly used in critical infrastructure, where attacks can cause widespread disruption.
"Interlock targets FreeBSD as it's widely utilized in servers and critical infrastructure. Attackers can disrupt vital services, demand hefty ransoms, and coerce victims into paying," explains Trend Micro.
If anyone gets their hands on the #interlock #malware sample that targets #FreeBSD systems, I'd love to help analyze it: https://www.bleepingcomputer.com/news/security/meet-interlock-the-new-ransomware-targeting-freebsd-servers/
Tech in Plain Sight: Microwave Ovens - Our homes are full of technological marvels, and, as a Hackaday reader, we are bet... - https://hackaday.com/2023/09/26/tech-in-plain-sight-microwave-ovens/ #acsynchronousmotor #hackadaycolumns #engineering #microswitch #interlock #microwave