Ransomware

Novel ShrinkLocker ransomware decryptor unveiled

Share

BitDefender has issued a free decryption tool for the novel ShrinkLocker ransomware strain that emerged in May, according to The Record, a news site by cybersecurity firm Recorded Future.

Attacks with ShrinkLocker, which leverages Microsoft BitLocker for accelerated drive encryption and a random password for re-encryption in Windows 7 and 8 or Windows Server 2008 and 2012 systems, have been deployed against organizations in Mexico, Jordan, and Indonesia, with the payload gaining traction among less sophisticated threat operations due to its simplicity, noted Bitdefender, which previously released decryptors for the MegaCortex, LockerGoga, and MortalKombat ransomware strains. "Our analysis shows that ShrinkLocker malware is being adapted by multiple individual threat actors for simpler attacks, rather than being distributed through a ransomware-as-a-service (RaaS) model," said Bitdefender researchers. ShrinkLocker's use of BitLocker comes amid the mounting exploitation of the Windows security feature in the past few years, having been utilized in intrusions launched by an Iranian state-backed threat operation.

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.