Interlock is a malicious ransomware strain that encrypts victim files and demands ransom payment for decryption. First observed in the wild on September 1, 2024, this ransomware has been actively targeting systems worldwide. Security researchers also track this malware under the aliases: Interlock Extortion Group.
Quick Facts
Ransomware Family
Interlock
First Seen
September 1, 2024
Known Aliases
Interlock Extortion Group
How Interlock Ransomware Works
Targeted Files
For Linux
Ransom Note and Payment Demands
After encrypting files, Interlock displays ransom notes demanding payment for file recovery:
file!__README__! 1.txt
Ransom message:
notes/!__README__! 1.txt
Technical Indicators
Associated Executable Files
The following executable files are associated with Interlock ransomware:
7ff6c1d70000.xxtlz.exe
7ff6c1d70000.xxtlz.asd.exe
7ffbfc130000.conhost2.dll.exe
7ffbfc130000.conhost2.dll
start.old
Elastio Can Help You
Don't let Interlock ransomware take over your data
Elastio provides advanced ransomware protection and recovery solutions to keep your organization safe.
This Interlock ransomware analysis is part of Elastio's comprehensive ransomware detection database. Elastio provides advanced ransomware protection and recovery solutions, helping organizations defend against and recover from ransomware attacks like Interlock.