Ransomware, Critical Infrastructure Security, Threat Intelligence

Novel ShrinkLocker ransomware exploits Microsoft BitLocker


Organizations in the steel and vaccine manufacturing sectors, as well as a government entity in Mexico, Jordan, and Indonesia, have been targeted in attacks with the novel ShrinkLocker ransomware strain, which exploits Microsoft BitLocker for file encryption, The Register reports.

Intrusions begin with the attackers gaining code execution, followed by the delivery of ShrinkLocker, which then uses a VBScript to determine the operating system version, resize disks, and ensure execution of the malware, according to a report from Kaspersky's Global Emergency Response team.

After modifying partition labels and delivering decryption keys, ShrinkLocker deletes the local key and removes system logs before taking down the breached systems, researchers added.

Organizations are advised to mitigate the threat by implementing managed detection and response solutions, restricted user privileges, and robust credentials, as well as by ensuring frequent data backups and tracking critical system activity.
