#StopRansomware: Interlock
ID: ac210fba-b688-5a1c-b80d-df8037e09a9a
STIX ID: report--ac210fba-b688-5a1c-b80d-df8037e09a9a
Feed Name: CISA Cybersecurity Advisories
**Executive Summary:** This joint FBI/CISA/HHS/MS-ISAC advisory describes the Interlock ransomware campaign, an opportunistic, financially motivated double-extortion threat active since September 2024 across North America and Europe. It details initial access vectors (drive-by downloads, ClickFix social engineering), post-compromise actions (PowerShell reconnaissance, persistence, credential theft, RDP/AnyDesk lateral movement), use of RATs/C2 (Cobalt Strike, SystemBC, NodeSnake), file/system IOCs (hashes, filenames, extensions, ransom note), and recommended mitigations mapped to the MITRE ATT&CK framework.
