July 22, 2025 By Sergiu Gatlan
CISA and the FBI warned on Tuesday of increased Interlock ransomware activity targeting businesses and critical infrastructure organizations in double extortion attacks.
Today's advisory was jointly authored with the Department of Health and Human Services (HHS) and the Multi-State Information Sharing and Analysis Center (MS-ISAC) and it provides network defenders with indicators of compromise (IOCs) collected during investigations of incidents as recent as June 2025, along with mitigation measures to protect their networks against this ransomware gang's attacks.
Interlock is a relatively new ransomware operation that emerged in September 2024 and has since targeted victims worldwide across various industry sectors, with a particular focus on the healthcare sector.
The threat actors were also previously linked to ClickFix attacks, where they impersonate IT tools for initial network access, as well as malware attacks in which they deployed a remote access trojan called NodeSnake on the networks of U.K. universities.
