Ransomware Group: INTERLOCK

VICTIM NAME: Pocono Farms Country Club

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INTERLOCK Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

On August 25, 2025, Pocono Farms Country Club, a US-based organization operating in the Hospitality and Tourism sector, appears on a ransomware leak page. The page attributes the incident to a threat group identified as Interlock and lists Pocono Farms Country Club as a victim. A claim link is present on the leak page, signaling the attackers’ intent to publicly associate the incident or pressure negotiations. The visible content includes a browseable file listing interface described in the body excerpt as “Item Type Item Name Search file in folder and subfolders…,” which indicates the page is designed to present exfiltrated data. The page also contains text describing a web-based file manager built in PHP, specifically Tiny File Manager, reinforcing the interpretation that the attackers are offering or showcasing a tool to navigate compromised files. There are no screenshots, images, or downloadable items shown on the page at this time, and the metadata does not specify the extent of data stolen or whether encryption occurred. The overall presentation aligns with ransomware leak pages that emphasize data exposure rather than a traditional encryption notice.

The post date is August 25, 2025; since no separate compromise date is provided in the data, this timestamp is treated as the post date. Pocono Farms Country Club is located in the United States and operates within the Hospitality and Tourism sector. The leak page does not publish a ransom amount or explicit demands in the provided data. There are zero images or downloadable items currently surfaced on the page, and the page’s content centers on a file-manager interface rather than published samples. The combination of a claim link and a PHP-based file manager interface is consistent with ransomware leak patterns aimed at publicly exposing exfiltrated data to exert pressure on the victim.