Interlock ransomware gang pushes fake IT tools in ClickFix attacks

The Interlock ransomware gang now uses ClickFix attacks that impersonate IT tools to breach corporate networks and deploy file-encrypting malware on devices. ClickFix is a social engineering tactic where victims are tricked into executing dangerous PowerShell commands on their systems to supposedly fix an error or verify themselves, resulting in the installation of malware. Though this isn't the first time ClickFix has been linked to ransomware infections, confirmation about Interlock shows an increasing trend in these types of threat actors utilizing the tactic. Interlock is a ransomware operation launched in late September 2024, targeting FreeBSD servers and Windows systems. Interlock is not believed to operate as a ransomware-as-a-service model. Still, it maintains a data leak portal on the dark web to increase pressure on victims, demanding payments ranging from hundreds of thousands of dollars to millions. From ClickFix to ransomware In the past, Interlock utilized fake brow ... Read full article.