interlock
Ransomware group profile
60Victims
79Impact score
Also Known As
ExoLock
Description
Interlock is a financially motivated ransomware group that emerged in September 2024, operating as a closed organization with a focus on big game hunting of larger targets. The group employs double extortion tactics, encrypting data while threatening to expose sensitive information, and has developed cross-platform ransomware payloads for Windows and FreeBSD environments, rapidly expanding its operations across North America and Europe.
Key insights
- •Utilizes big game hunting tactics, targeting larger organizations.
- •Employs double extortion, combining data encryption with threats to publish stolen data.
- •Utilizes tactics like fake browser updates, social engineering, and custom toolsets.
- •Targets both Windows and FreeBSD operating systems with cross-platform ransomware.
- •Gains initial access through compromised websites and deceptive downloads.
- •Rapidly adapts its toolset for efficient attacks, maintaining a distinct operational profile.
Threat Level & Status Breakdown
For interlock · Based on incidents in selected period
3.5threat level
Aggressiveness5/ 10
Lethality0.4/ 10
Criticality5.4/ 10
Status Breakdown
Data Leaked8.3%5
Claimed91.7%55
First seenJun 2025
Last seenJun 2026
Avg ransom—
Payment rate—
Statusactive
Sophistication0
Last updatedJun 18, 2026
Recent activity
Monthly attack count for interlock in the selected period
60Total attacks
12peak in Aug
5avg / month
↓ 2 vs first month
Intelligence
IOCs, YARA/Sigma rules, and related families for interlock
- 9850cf79c40b42216a98aa937814cc438599fc9e
- 4a566d8661761363c25a36535f9e0b0f
- 9ddae47ff968343a8c32a5344060257fdc08e2a7bdb9a227c8b3a584ee3c9f1e
- a26f0a2da63a838161a7d335aaa5e4b314a232acc15dcabdb6f6dbec63cda642
- 7ed805c5fc3bd0a4eab3d523483a9cc83b8768ff667875f2318f3bfa4ef68fe2
- 03c90fd77221e1b5b9d98e32ada70990
- b0cfa2089802634ffb8c77962cdb18317a6332d4
- 6fd538e4a8e3493dda6f9fcdc96e814bdd14f3e2ef8aa46f0143bff34b882c1b
- 09793a85d372f044fe53c4b47c47049c6bc13d1141334727800b2e32e6d92342
- 4fa8d9a20ce9098eddc065cc427e3ccb035bf3306e236c17a67104d79ca040e0
- a53a9ca8a074c7108f8412c3f8c1fc5d
- cd13a2925a040a93a0b2287b7d7f976c40711e27
- f150d19c57a910d714ef773a470bbb8ad88185f4b4713852fce706a1e7482b59
- fcdbe8f6204919f94fd57309806f5609ae88ae1bbd000d6226f25d2200cf6d47
- 64a0ab00d90682b1807c5d7da1a4ae67cde4c5757fc7d995d8f126f0ec8ae983
- 4885adc9de7e91b74a3ac01187775459acf3e4e026ee2fa776b3419cf8dbaf00
- c8347069980e0c7b8d42cbf0f2be7bc6e558f8b6cf7ca960f6454926120adf55
- 77962a384d251f0aa8e3008a88f206d6cb1f7401c759c4614e3bfe865e3e985c
- b2b03dfcdc2e59d81e99d20c15919a13
- 55883d6c7c11a5ed6c6074af89ab2c7d61364e99
- ccfa558c82a0a4276d8a056e5b0a557050e0b65f
- 9f1950591d1f40fd24c335a2fe56cb03
- 6c8efbcef3af80a574cb2aa2224c145bb2e37c2f3d3f091571708288ceb22d5f
- f588802958c35fe18eb87bc36651a3d1
- 2b59b03e9232b83b8914ed07c6426dd53d17cfb2eba01ab13d4c6cb00466a42e
- 89759f741606e3e9e3004978c08a3d8f5d8a887f
- 28c2d7a25ae0c25b1cef31b7407b40cf59c11c88
- 21461831ba35fd0c4bac597218b94d382478c4b6210ce9e31ad92cc84831cf0ca1909b84d98fb687118a8f0ab29043cc
- 7a5af6b8cc4b94cf0af8ae8bd56224f3
- fba4883bf4f73aa48a957d894051d78e0085ecc3170b1ff50e61ccec6aeee2cd
- 705127c9730dcdebfa0f30103952107098d164d1941c400ea1f3ff454951c225
- 0d5a5e671f63d21a5011975a12d83829fa81a030
- 3703374c9622f74edc9c8e3a47a5d53007f7721e
- 46d469848590dd06f843982b67d2d49b0e3fd004
- 0dbd602324940a614f09975edf6ac089cc12d931
- 5070ad8f45e6ee70e1b8a4fdbf78b2c823ca2c47a817fc29b5042b15880f92d9
- 7556ae58c215b8245a43f764f0676c7a8f0fdd1a
- f0b3e112ce4807a28e2b5d66a840ed7f
- 9daa74a3b63c352c120c8b043a1e88f32cb8ad54
- 6364b01313acbedc9bfd0340eeb983a78f630fe0
- cc14df781475ef0f3f2c441d03a622ea67cd86967526f8758ead6f45174db78e
- 556050a9f9cb6bff6e19ada58215e469
- 5d3569401837f0ffa3a69ff02131b3b2
- 18051333e658c4816ff3576a2e9d97fe2a1196ac0ea5ed9ba386c46defafdb88
- 333903c7d22a27098e45fc64b77a264aa220605cfbd3e329c200d7e4b42c881c
- c524749d590c5057642f72b583e2336b6e80d0ff
- 3928c5874249cc71b2d88e5c0c00989ac394238747bb7638897fc210531b4aab
- 4e4a3751581252e210f6f45881d778d1f482146f92dc790504bfbcd2bdfa0129
- 176a34345bbd4eaf96e47bb60c866847de7cdaf315fe376427f4651c09f98e88
- c24cb7692b77123387b821f3683966807662217a4c918c32bb97358729c33a1d
- 451886c420f85eba28c3a3cd477c7ab7
- 41b6815d187a9bd7284fb0919b814eaf310d55452030eb932b32b27b5c473e26
- 794a0b6f21d80a426ac33a706a962b66a6cc0492
- 7e94dddc83cbd929e073f060d02e374f
- 6fe749873d6ec0976d0d8262878a8772671e21b8
- 224a21c122569d682302ae26ec4fdbfada36aa65
- d2fcf4a3c0012398caf4247cd08f16857e115223
- 42c0af54d2485393576def0611ff7949f5b9a7dd
- e10609238eb90491d4a00be18fb27d76
- aecc447b2b69af35e20c3ea91e21e853
- 690b6cf4205248a3fc5521762c69a24f46958e57621dc97b031e41ec1f381221
- 3e2272b916da4be3c120d17490423230ab62c174
- 6bc8e3505d9f51368ddf323acb6abc49
- 3a24cd31c8287f7ee7336936a95f82b5d71a3746d210b4240869f3e3f5b34208
- 1192381230fce07ef3f2a86ce746c71f22a7e0b97eea7560a38337844e8f3041
- 6e5c975e269e1b96ff573ec562a40fc182352b5d
- 60447f89c0eb870e071cb55cd57678cf
- 2471ab67e2bb73a5f12877a10c1d1dc4
- 0b12eb25db68d8714ba52583597ed20e5fab2f6e82dcd0bcb23161acb4a9a126
- c20d890a2b4e0ee91c0a8fb0bf543e78
- 64d3de7ed78114b1dc13d3bb6e763149
- 0553d85e6e17dbf02742a4030fda644f
- b204d00dd01da0408978e4101479efbdc977e84ad4a99cdbfd4a3364df964dd0
- 7007cf53bcd0083baba202d8ac2d9070
- 9e387f1564f9e38ba87dbafbde3731db2e844ff3800500d6707028bb065c070b
- ec5076aa5ac6ba904d33b8979c60dce1
- b46a3f9a7917a0b0e08979f85c90ff802a3e96d23a19a8727d9d701d5e2088eb
- 23094d64721a279c0ce637584b87d6f1
- e40e82b77019edca06c7760b6133c6cc481d9a22585dd80bce393f0bfbe47a99
- ab420e67f5b2ba45702674a7fe3e10e9d4283732
- a987d2fa16a74fdf35edfd261fc0ab5abec477e2
- e2b789bf39ba132ce56d3d97c28b5ff2
- fb68797872dedd29a86db18ca41350155249718b3b0372e1985c980d4e09edf9
- 862763a754b4edfc0af31e14a3b1d691
- df41085a8aa9ee9da6a03db08ad910b6ef5fcdc8fee7ebb19744331c5e70c782
- edbf152ed9ac79e5d9e0111d1071af48
- ce1b9909cef820e5281618a7a0099a27a70643dc
- 17986b6595fe960fe8e9757d3069d5daabd628ef
- 2a56f5593cec4ec7cc418cb30bfe2f58
- 47d086d0f4b284a574ea5fa61e263647
- df5ddf117b0e19e797c7628ba1faabb95d8efd04
- 978c8d81697ebb29d809c21b398ac88fea6013bd
- f3abb0cc802f3d7b95fc8762b94bdcb13bf39634c40c357301c4aa1d67a256fb
- 4baabdbe96a16716454a62abd7a7105d8b3a775c2428a0052d9738b0412a32c6
- 77421b290ebb620bee486f159e8679d6d3a641fd
- 033de779278ecfdee7117d5d0a710e22eb501421e0c5f93e4ea3e82f414bbb90
- 62c81c192867130f49b5082045d679586f27143a
- b49707615290ffc5baa2d02c3b5d22574a953b50
- 79cd6380b2cf7ca1b3e3ba386ebbd7df0104e33ac74cdb5e886fd8be207bd961
- 43948d6f8c51b96c1f854ea695ffe67f
- 1ef9214ad4e3f8f993ecdac3bc61aeeb
- f00a7652ad70ddb6871eeef5ece097e2cf68f3d9a6b7acfbffd33f82558ab50e
- 29765840a9897f93ea3bf07ef59ffa8ae8cd5f14
- a98dcdee82f6066a4cf2f9d7d161a1bacec8f81d
- 4db4b2463cc95483b7c6a2539caee516
- 12b86190ab3fb916b8901d82fbe996f43417ffa5736df5294a63a440758f158e
- cb85338c2cc758da00cc37a1fde7a73383e1c4c7
- 1977753fadf4be46e340b4dcb7805e1f1649df51
- 7422f2cf8466948bb782769fffa020fd92be6472
- eaca86a3f397d10d9188be9fcd2af1a7a30a9b573b2282b0b8300efeb5ff1efd
- dc057522e04f37a6143cf6ce9b5d4a19aab8ef7a
- 85030b66cb1558a2c1eb249b0c6b1407d393ba996cb96be499efeaf487c97f55
- f064fdd24c56f2d20f1a6a32fc7edbd3848f962b25965b788b0dc725eeab9db4
TTPs & Attack Vectors
Tools, initial access, and MITRE ATT&CK techniques for interlock
Other
T1486
T1486
T1490
T1490
T1071
T1071
T1059
T1059
T1562
T1562
T1021
T1021
T1078
T1078
T1547
T1547
T1080
T1080
T1021.001
T1021.001
Victims(60)
| Company | Domain | Country | Industry | Status | Discovered | |
|---|---|---|---|---|---|---|
| Cold Front Distribution | — | US United States | Retail & E-Commerce | Claimed | 17 days ago | |
| First United Methodist Church Boerne | — | US United States | Retail & E-Commerce | Claimed | about 1 month ago | |
| Kent District Library | — | US United States | Government & Defense | Claimed | about 1 month ago | |
| Park Dental Research | — | US United States | Healthcare | Claimed | about 1 month ago | |
| Waterford Hotel Group | — | IE Ireland | Hospitality | Claimed | about 1 month ago | |
| Lonestar Truck Group & Tag Truck Center | tntxtruck.com | US United States | Transportation | Data Leaked | about 2 months ago | |
| Winona County | — | US United States | Government & Defense | Claimed | about 2 months ago | |
| Uniwersytet Warszawski | uw.edu.pl | PL Poland | Education | Claimed | 2 months ago | |
| Community College of Beaver County | — | US United States | Education | Claimed | 3 months ago | |
| The Center for Hearing & Speech | — | US United States | Healthcare | Claimed | 3 months ago | |
| Goodwill | — | US United States | Professional Services | Claimed | 3 months ago | |
| Delta Manufacturing | deltamfg.com | US United States | Manufacturing | Claimed | 3 months ago | |
| Elliott-Lewis | — | US United States | Other | Claimed | 3 months ago | |
| Wagon Mound Public Schools | wm.k12.nm.us | US United States | Education | Claimed | 3 months ago | |
| Abbott Media Productions | — | US United States | Professional Services | Claimed | 4 months ago | |
| Yew Tree Dairy | — | GB United Kingdom | Other | Claimed | 4 months ago | |
| Archaeological Institute of America | archaeological.org | US United States | Education | Claimed | 4 months ago | |
| Odyssey Academy | odyssey-academy.com | US United States | Education | Claimed | 5 months ago | |
| Urban Edge Architecture | urbanedgearchitecture.co.uk | GB United Kingdom | Other | Claimed | 5 months ago | |
| Westlake Christian Academy | westlakechristianacademy.org | US United States | Education | Claimed | 5 months ago |
Page 1 of 3
Affected countries(18)
Countries where this group has been reported to target or leak victims.