The Interlock ransomware is rapidly evolving to target critical infrastructure and healthcare organizations across North America and Europe using sophisticated initial access methods. Federal agencies have linked Interlock to other ransomware groups like Rhysida and highlighted its use of credential-stealing malware and Bitcoin ransom demands. #InterlockRansomware #Rhysida #DaVita #LummaStealer #BerserkStealer
Keypoints
- The Interlock ransomware targets critical infrastructure and healthcare sectors in North America and Europe.
- It uses uncommon methods like drive-by downloads and disguising payloads as browser updates to gain access.
- The group has developed encryptors for both Windows and Linux operating systems.
- Interlock operators employ credential-stealing tools such as Lumma Stealer and Berserk Stealer to escalate access.
- Despite high-profile attacks, the group primarily targets victims opportunistically and demands ransom in Bitcoin.
Read More: https://therecord.media/fbi-vigilance-interlock-ransomware