KongTuke FileFix Leads to New Interlock RAT Variant

Researchers from The DFIR Report, in partnership with Proofpoint, have identified a new and resilient variant of the Interlock ransomware group’s remote access trojan (RAT). This new malware, a shift from the previously identified JavaScript-based Interlock RAT (aka NodeSnake), uses PHP and is being used in a widespread campaign. Since May 2025, activity related to […] The post KongTuke FileFix Leads to New Interlock RAT Variant appeared first on The DFIR Report .

Researchers from The DFIR Report, in partnership with Proofpoint, have identified a new and resilient variant of the Interlock ransomware group’s remote access trojan (RAT). This new malware, a shift from the previously identified JavaScript-based Interlock RAT (aka NodeSnake), uses PHP and is being used in a widespread campaign. Since May 2025, activity related to […] The post KongTuke FileFix Leads to New Interlock RAT Variant appeared first on The DFIR Report . Researchers from The DFIR Report, in partnership with Proofpoint, have identified a new and resilient variant of the Interlock ransomware group’s remote access trojan (RAT). This new malware, a shift from the previously identified JavaScript-based Interlock RAT (aka NodeSnake), uses PHP and is being used in a widespread campaign. Since May 2025, activity related to […] The post KongTuke FileFix Leads to New Interlock RAT Variant appeared first on The DFIR Report .