Unlocking Interlock
In line with Amazon, the instruments and methods join the malware to Interlock, a ransomware actor that appeared in 2024, presumably as a ransomware-as-a-service (RaaS) offshoot of the infamous Rhysida group which was behind the massively disruptive 2023 ransomware assault on The British Library.
“The ELF [Linux executable] binary and related artifacts are attributable to the Interlock ransomware household primarily based on convergent technical and operational indicators. The embedded ransom observe and TOR negotiation portal are per Interlock’s established branding and infrastructure,” mentioned Amazon’s Moses.
Prior to now, Interlock had focused sectors comparable to training, engineering, structure, building, manufacturing, and healthcare, in addition to authorities and public sector entities, Moses mentioned.
