Share this article
Latest news
With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low
Copilot in Outlook will generate personalized themes for you to customize the app
Microsoft will raise the price of its 365 Suite to include AI capabilities
Death Stranding Director’s Cut is now Xbox X|S at a huge discount
Outlook will let users create custom account icons so they can tell their accounts apart easier
New ShrinkLocker ransomware puts millions of Windows PCs at risk, but you can stay protected
It encrypts files and removes the recovery options
3 min. read
Published onMay 27, 2024
published onMay 27, 2024
Share this article
Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more
If you are a Windows user, it’s time to take measures to protect your PC and personal data. Recently, researchers at Kaspersky identified a new ransomware, dubbedShrinkLocker, that can encrypt the data and remove recovery options on Windows PCs.
The ShrinkLocker ransomware, once loaded on the PC, checks the installed edition of Windows and enablesBitLocker, if it is available. Then, it encrypts the whole drive and creates a new partition for the boot files of the operating system.
Now, threat actors delete anyBitlockerkeys and remove available recovery options, thus eliminating the possibility for users to revert the PC to a stable state or recover the data. The keys are then sent to a server controlled by the attackers, and all traces of the attack are wiped out!
Finally, the ShrinkLocker ransomware initiates a full system shutdown. Upon restarting the computer, users see the message,There are no more BitLocker recovery options on your PC. You’ll need to use recovery tools. If you don’t have any installation media (like a disc or USB device), contact your PC administrator or PC/Device manufacturer.
All of it is done using a VBscript and the built-in encryption tool,BitLocker. While the former lets threat actors automate the entire process, the latter allows effective encryption without relying on third-party tools.
Speaking about the ransomware and detailing the tips to stay protected,Cristian Souza, Incident Response Specialist at Kaspersky, said,
So far, instances of the attack have been reported in Mexico, Indonesia, and Jordan, with steel and vaccine manufacturers as the prime target. Although a government entity was also attacked,according to Kaspersky.
TheShrinkLockerransomware is the first of its kind, and it leverages a built-in Windows feature,BitLockermeant to enhance data protection and keep your PC safe from data theft.
Tips to stay protected against the ShrinkLocker ransomware
This isn’t the first time concerns have been raised about BitLocker. A few months ago, we reported howBitLockerencryption can be bypassedin less than a minute,
So, it’s time to take things into your own hands and deploy additional measures to protect your PC.Cyberattacks are on the rise, and you must act accordingly!
If you have any more tips to stay protected from theShrinkLockerransomware, share them with our readers in the comments section.
More about the topics:Ransomware,Windows
Kazim Ali Alvi
Windows Hardware Expert
Kazim has always been fond of technology, be it scrolling through the settings on his iPhone, Android device, or Windows PC. He’s specialized in hardware devices, always ready to remove a screw or two to find out the real cause of a problem.
Long-time Windows user, Kazim is ready to provide a solution for your every software & hardware error on Windows 11, Windows 10 and any previous iteration. He’s also one of our experts in Networking & Security.
User forum
0 messages
Sort by:LatestOldestMost Votes
Comment*
Name*
Email*
Commenting as.Not you?
Save information for future comments
Comment
Δ
Kazim Ali Alvi
Windows Hardware Expert
Kazim is specialized in hardware devices, always ready to remove a screw or two to find out the real cause of a problem.
