Thursday, 24 April 2025
26.8 C
Singapore
29.9 C
Thailand
19.5 C
Indonesia
28.8 C
Philippines

New ransomware exploiting Windows BitLocker discovered

A new ransomware strain, ShrinkLocker, uses Windows BitLocker to encrypt files, targeting government agencies and manufacturing firms.

Cybersecurity researchers recently uncovered a new strain of ransomware that utilises Windows BitLocker to lock users out of their devices. Dubbed ShrinkLocker by Kaspersky, this ransomware has been observed targeting government agencies and firms in the manufacturing and pharmaceutical sectors.

How ShrinkLocker works

When ShrinkLocker infects a system, it shrinks available non-boot partitions by 100 MB and creates new primary boot volumes of the same size. It then uses BitLocker, a feature in some versions of Microsoft Windows, to encrypt the files on the device.

Unlike other ransomware variants, ShrinkLocker does not leave a ransom note. Instead, it labels new boot partitions with email addresses, presumably encouraging victims to communicate through this channel. Additionally, ShrinkLocker deletes all BitLocker protectors after encrypting the files, leaving victims with no way to recover the encryption key. The attackers hold the key, obtained through TryCloudflare, a legitimate tool developers use to test CloudFlare’s tunnel without adding a site to CloudFlare’s DNS.

Previous incidents of BitLocker-based attacks

While ShrinkLocker is not the first ransomware to use BitLocker, it does introduce new features to increase the attack’s impact. In the past, a hospital in Belgium fell victim to a ransomware strain that encrypted 100 TB of data on 40 servers using BitLocker. Similarly, Miratorg Holding, a meat producer and distributor in Russia, suffered a similar fate in 2022.

International impact

ShrinkLocker has already affected organisations in Mexico, Indonesia, and Jordan, including steel and vaccine manufacturing companies. The full extent of the damage caused by this ransomware is yet to be determined.

Hot this week

ASUS introduces the first smart band with fingertip blood pressure and ECG tracking

ASUS launches VivoWatch 6 Aero, the first smart band with fingertip blood pressure and ECG tracking, powered by advanced health AI.

Rivian adds Cohere CEO to its board, showing confidence in AI direction

Rivian welcomes Cohere CEO Aidan Gomez to its board, marking a big move into AI and advanced tech for future vehicle innovation.

Tenable uncovers critical privilege escalation flaw in Google Cloud Composer

Tenable exposes a GCP vulnerability in Cloud Composer that allows privilege escalation through interdependent cloud services.

Tesla profits drop sharply as sales weaken and Musk backlash grows

Tesla’s profits fall 71% as sales dip, political backlash grows, and hopes turn to cheaper EVs and robotaxi plans.

Qualcomm unveils new Snapdragon 8s Gen 4 with high-end features for less

Qualcomm quietly unveils the Snapdragon 8s Gen 4 with high-end features and strong performance for next-gen smartphones at a lower price.

POCO launches entry-level C71 smartphone in Singapore with premium features

POCO launches the budget-friendly C71 smartphone in Singapore, offering premium design, enhanced cameras, and smooth performance at S$109.

NVIDIA uses AI to address climate, wildlife and disaster risks

NVIDIA’s AI tools support climate action, wildlife monitoring, and disaster risk mitigation, with uses spanning sea, land, sky and space.

Netflix raises subscription prices in Singapore again

Netflix again raises subscription prices in Singapore, with new rates for all plans and extra member slots.

GameMax unveils Blade Concept ATX case with bold design and powerful features

GameMax launches the Blade Concept ATX case, which features a striking blade design, RGB lighting, and support for high-end liquid-cooled PC builds.

Related Articles

Popular Categories