Ransomware Group

Interlock

Status: active • First seen 2024-0925+ known victims

Interlock goes after servers running FreeBSD, which is unusual because most ransomware only attacks Windows. They disrupted county government services by attacking these less common systems.

Overview

Interlock is a ransomware operation notable for targeting FreeBSD servers and VMware environments. The group has attacked government entities and critical infrastructure.

Target Industries

Technology, Government, Critical Infrastructure, Healthcare

How They Attack

  • FreeBSD targeting
  • VMware exploitation
  • Double extortion
  • Government targeting

Notable Victims

Wayne County (2024), Government contractors

Is your business exposed?

How to Protect Against Interlock

  1. 1.

    Harden FreeBSD servers and limit access

  2. 2.

    Patch VMware infrastructure immediately

  3. 3.

    Implement government IT security standards

MITRE ATT&CK Techniques

T1486, T1567, T1068, T1078

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices