This was reported by Kaspersky Lab experts. They named the new malware ShrinkLocker. This is a “cunning” program written in VBScript that is used to automate tasks in old and new versions of Windows, so all versions are vulnerable to ransomware.
When a virus infects a device, it first changes the boot parameters of the operating system and then encrypts hard drive partitions using BitLocker technology. To boot successfully using the new parameters, a new boot partition is created.
To cover its tracks, the malware deletes all logs and files containing data of its work from the system, and all system-related information and the encryption key are sent to the operator’s server.
None of Windows’ security mechanisms work; they just close. At the same time, the main targets of attackers are pharmaceutical and industrial companies, and sometimes government institutions. That’s why ShrinkLocker is primarily aimed at enterprise devices.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
