Threat actors behind the Interlock ransomware group have unleashed a new PHP variant of its bespoke remote access trojan (RAT) as part of a widespread campaign using a variant of ClickFix called FileFix.
“Since May 2025, activity related to the Interlock RAT has been observed in connection with the LandUpdate808 (aka KongTuke) web-inject threat clusters,” The DFIR Report said in a technicalRead More

New PHP-Based Interlock RAT Variant Uses FileFix Delivery Mechanism to Target Multiple Industries [email protected] (The Hacker News)
by
Tags: