
FreeBSD servers subjected to novel Interlock ransomware attacks


Newly emergent ransomware group Interlock has set its sights on compromising FreeBSD servers around the world, reports BleepingComputer.

Attacks by Interlock involved infiltrating targeted corporate networks and exfiltrating data before proceeding with lateral movement, file encryption, and double extortion, according to a Trend Micro report. Further analysis of the operation's Windows encryptor revealed that it can clear Windows event logs and, if self-deletion is activated, remove its own primary binary. Organizations impacted by Interlock have been assigned specific "Company IDs" and an email address that would be used to access the site where negotiations between both parties would be held. Interlock, which has already breached six organizations since its emergence in late September, has usually demanded six- to seven-digit ransoms. "Interlock targets FreeBSD as it's widely utilized in servers and critical infrastructure. Attackers can disrupt vital services, demand hefty ransoms, and coerce victims into paying," said Trend Micro.
