Bitdefender has developed a decryptor for the ShrinkLocker encryptor, which has been damaging many companies around the world. This was made possible after numerous complaints from cybersecurity experts about the destructive effects of this malware, which uses BitLocker to encrypt files.
ShrinkLocker is characterized by an unusual tactic – it encrypts files using a legitimate Windows feature, BitLocker, blocking access to the system without the possibility of data recovery. The first incidents related to this malicious software were recorded in May of this year, when cybercriminals used it to attack industrial facilities and government institutions in Mexico, Indonesia and Jordan. ShrinkLocker automatically checks for the presence of BitLocker on the system, and if this feature is missing, installs it, and then re-encrypts the data with a random password. When the system restarts, a message appears with ransom instructions to restore access.
ShrinkLocker is growing in popularity among cybercriminals due to its simplicity and ability to quickly encrypt large amounts of data. It targets legacy systems such as Windows 7 and Windows Server 2008, making it attractive to less experienced attackers.
Bitdefender already has experience releasing decryptors for other malware such as LockerGoga and MegaCortex, and the new anti-ShrinkLocker tool will help victims recover data without paying a ransom. Bitdefender recommends that users and companies regularly update their systems and use the latest security tools to avoid such attacks. AND.