Interlock Ransomware Targeting Businesses
Essential information
- Published: 29/08/2025 20:20
- Modified: 01/09/2025 08:32
- Tags: 2025-08-29, aes-256-gcm, code obfuscation, data theft, europe, file-encryption, interlock, north america, openssl, ransomware, rsa-4096
- Related entities: 1 intrusion set (APT), 7 techniques (MITRE), 1 malware, 1 other
Description
The Interlock ransomware group has been actively targeting businesses and critical infrastructure in North America and Europe since September 2024. Its ransomware encrypts files with AES-256-GCM and protects the AES keys with RSA-4096, using the OpenSSL library for fast file encryption. The malware includes code obfuscation techniques and accepts arguments that select specific behaviors. To avoid rendering the system unusable, it excludes certain folders, file extensions, and files from encryption. The ransomware appends the '.!NT3RLOCK' extension to encrypted files and may terminate processes during encryption. Interlock's operations combine data theft with threats of public disclosure to increase ransom leverage. The group runs a Tor-based negotiation site and cites legal regulations to pressure victims. To counter this threat, offsite data backups and regular recovery drills are recommended.