Free Decryptor Released for BitLocker-Based ShrinkLocker Ransomware Victims


Bitdefender has released a free decryptor to help victims of ShrinkLocker ransomware, which exploits Microsoft's BitLocker utility for encryption. ShrinkLocker, documented by Kaspersky in May 2024, targets organizations using supply chain attacks and lateral movement, encrypting systems like Windows 10, 11, and various Windows Servers. Bitdefender identified a "window of opportunity" for data recovery after removing protectors from BitLocker-encrypted disks. The ransomware, written in VBScript, relies on scheduled tasks and system-specific passwords for encryption. A bug in ShrinkLocker causes an infinite reboot loop in older systems when BitLocker installation fails. Organizations are advised to monitor Windows event logs and store recovery data in Active Directory Domain Services to mitigate such attacks.

Read More


thumb-image

Solutions