A newly discovered ransomware strain called ShrinkLocker leveraging BitLocker, Microsoft’s encryption tool, to lock victim data. This innovative tactic marks a significant departure from traditional ransomware methods, elevating the threat level for both enterprises and individuals.
Security researchers have identified that this ransomware variant ShrinkLocker employs BitLocker to encrypt files, making it exceptionally challenging for victims to recover their data without paying the demanded ransom. BitLocker, typically used to secure data on Windows devices, is being maliciously repurposed by cybercriminals to extort victims.
The ransomware ShrinkLocker initiates the attack by gaining administrative privileges on the targeted system. Once inside, it activates BitLocker to lock the victim’s files, rendering them inaccessible. Victims are then presented with a ransom note, demanding payment in cryptocurrency in exchange for the decryption key.
Experts warn that this new approach could lead to a surge in ransomware attacks, as leveraging built-in tools like BitLocker allows cybercriminals to evade traditional security measures. Enterprises are advised to bolster their security protocols and ensure regular backups to mitigate the risk of data loss.