Ransomware
Novel ShrinkLocker ransomware decryptor unveiled
Share
Bitdefender has issued a free decryption tool for the novel ShrinkLocker ransomware strain that emerged in May, according to The Record, a news site by cybersecurity firm Recorded Future.
Attacks with ShrinkLocker, which leverages Microsoft BitLocker for accelerated drive encryption and a random password for re-encryption in Windows 7 and 8 or Windows Server 2008 and 2012 systems, have been deployed against organizations in Mexico, Jordan, and Indonesia, with the payload gaining traction among less sophisticated threat operations due to its simplicity, noted Bitdefender, which previously released decryptors for the MegaCortex, LockerGoga, and MortalKombat ransomware strains.
"Our analysis shows that ShrinkLocker malware is being adapted by multiple individual threat actors for simpler attacks, rather than being distributed through a ransomware-as-a-service (RaaS) model," said Bitdefender researchers.
ShrinkLocker's use of BitLocker comes amid the mounting exploitation of the Windows security feature in the past few years, having been utilized in intrusions launched by an Iranian state-backed threat operation.
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news