Overview
Interlock emerged in 2024 targeting critical sectors including healthcare and government. The group runs a professional-looking leak site and uses double extortion to pressure victims. Their targeting of healthcare organisations raises significant patient safety and data protection concerns.
Tactics, Techniques & Procedures
Double extortion, targets critical infrastructure sectors including healthcare
Primary Targets
Healthcare, Government, Technology
Indicators of Compromise
- Custom encryptor
- Remote access tools
- Legitimate software abuse
MITRE ATT&CK Techniques
T1486T1041T1190 Exploit Public-Facing Application
Quick Reference
| Status | ACTIVE |
| Type | Ransomware |
| First Seen | 2024 |
| Victims Tracked | 1 |
Dark Web Presence
http://ebhmkoohccl45qesdbvrjqtyro2hmhkmh6vkyfyjjzfllm3ix72aqaid.onion/leaks.phphttp://ebhmkoohccl45qesdbvrjqtyro2hmhkmh6vkyfyjjzfllm3ix72aqaid.onion/support/step.php
Under Attack?
If you believe interlock has targeted your organisation, contact Binary Response immediately.
Emergency Response Dark Web Monitoring →