Interlock Ransomware Group

Search IOCs, vulnerabilities, APT…

216.73.216.233

← Back to intrusion sets

Interlock Ransomware Group

· Published 14/04/2026 11:20 · Modified 14/04/2026 11:20 · Source: AlienVault

Essential information

Confidence: 100/100
Published: 14/04/2026 11:20
Modified: 14/04/2026 11:20
Updated at: 14/04/2026 11:20
Revoked: No
Author / Source: AlienVault
Resource level: —
Primary motivation: —
Related entities: 1 reports, 20 attack patterns (mitre), 5 malware, 2 indicators, 23 vulnerabilities (cve)

Description

No description.

Marking (TLP)

TLP:CLEAR

Related entities

Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.

Reports (1)

March 2026 CVE Landscape: 31 High-Impact Vulnerabilities Identified, …

AlienVault Confidence 100 23 CVEs 20 MITREs 5 Malwares 2 IOCs 2 Observables 1 APT

Attack patterns (MITRE) (20)

T1082 uses

System Information Discovery MITRE
T1059.007 uses

JavaScript MITRE
T1018 uses

Remote System Discovery MITRE
T1078 uses

Valid Accounts MITRE
T1548 uses

Abuse Elevation Control Mechanism MITRE
T1573 uses

Encrypted Channel MITRE
T1027 uses

Obfuscated Files or Information MITRE
T1190 uses

Exploit Public-Facing Application MITRE
T1083 uses

File and Directory Discovery MITRE
T1055 uses

Process Injection MITRE
T1059 uses

Command and Scripting Interpreter MITRE
T1021.001 uses

Remote Desktop Protocol MITRE

← Previous

Page / 2

1–12 of 20

PLASMAGRID uses

Family
PlasmaLoader uses

Family
GHOSTSABER uses

Family
GHOSTKNIFE uses

Family
GHOSTBLADE uses

Family

Indicators (2)

6c8efbcef3af80a574cb2aa2224c145bb2e37c2f3d3f091571708288ceb22d5f indicates

stix 100/100

· Valid until 10/04/2027 · Source: AlienVault
37.27.244.222 indicates

stix 100/100 Revoked

· Valid until 08/05/2026 · Source: AlienVault

Vulnerabilities (CVE) (23)

CVE-2026-20963 KEV targets

9.8 Critical

Microsoft SharePoint contains a deserialization of untrusted data vulnerability that allows an unauthorized attacker to execute code over a network.

Attack vector: NETWORK
Complexity: LOW
Published: 13/01/2026
Modified: 02/04/2026

CWE-502 Analyzed

CVE-2026-3564 targets

9.0 Critical

A condition in ScreenConnect may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including …

Attack vector: Network
Published: 17/03/2026
Modified: 14/04/2026

Awaiting Analysis

CVE-2025-32432 KEV targets

10.0 Critical

Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Starting from version 3.0.0-RC1 to before …

Attack vector: NETWORK
Complexity: LOW
Published: 25/04/2025
Modified: 27/03/2026

CWE-94 Received

CVE-2026-20131 KEV targets

10.0 Critical

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to …

Attack vector: NETWORK
Complexity: Low
Published: 04/03/2026
Modified: 14/04/2026

CWE-502 Awaiting Analysis

CVE-2023-41974 KEV targets

7.8 High

Apple iOS and iPadOS contain a use-after-free vulnerability. An app may be able to execute arbitrary code with kernel privileges.

Attack vector: LOCAL
Published: 10/01/2024
Modified: 15/03/2026

CVE-2026-27944 targets

9.8 Critical

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.3, the /api/backup endpoint is accessible without …

Attack vector: Network
Published: 05/03/2026
Modified: 14/04/2026

Undergoing Analysis

CVE-2026-3910 KEV targets

8.8 High

Google Chromium V8 contains an improper restriction of operations within the bounds of a memory buffer vulnerability that could allow a remote …

Attack vector: Network
EPSS: 0.0008 (P23.4%)
Published: 13/03/2026
Modified: 14/04/2026

Analyzed

CVE-2017-7921 KEV targets

9.8 Critical

Multiple Hikvision products contain an improper authentication vulnerability that could allow a malicious user to escalate privileges on the system and gain …

Attack vector: NETWORK
Complexity: LOW
EPSS: 0.9410 (P99.9%)
Published: 06/05/2017
Modified: 22/04/2026

CWE-287

CVE-2026-3055 KEV targets

9.3 Critical

Citrix NetScaler ADC (formerly Citrix ADC), NetScaler Gateway (formerly Citrix Gateway) and NetScaler ADC FIPS and NDcPP contain an out-of-bounds reads vulnerability …

Attack vector: Network
Complexity: Low
Published: 23/03/2026
Modified: 14/04/2026

CWE-125 Awaiting Analysis

CVE-2026-26127 targets

7.5 High

Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network.

Attack vector: NETWORK
Complexity: Low
Published: 10/03/2026
Modified: 14/04/2026

CWE-125 Awaiting Analysis

CVE-2025-68613 KEV targets

9.9 Critical

n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical …

Attack vector: Network
Published: 20/12/2025
Modified: 12/03/2026

Awaiting Analysis

CVE-2026-21385 KEV targets

7.8 High

Multiple Qualcomm chipsets contain a memory corruption vulnerability while using alignments for memory allocation.

Attack vector: LOCAL
Published: 02/03/2026
Modified: 14/04/2026

Undergoing Analysis

← Previous

Page / 2

1–12 of 23

Contact About Legal notice Privacy policy Terms of use