Kaspersky has detected ransomware using a legitimate Windows feature

04.06 09:38 | Category Science and culture

Next, the malicious script sends system information and the encryption key generated on the infected computer to the malicious server. After that, it "cleans the tracks". removes logs and various files that can help investigate the attack. At the final stage, the malware forcibly blocks access to the system. The victim sees a message on the screen. "There are no options to restore BitLocker on your computer." Kaspersky experts named the malicious script ShrinkLocker. Changing parameters of hard disk partitions plays a key role during attacks. it provides an opportunity for criminals to boot the system with encrypted files.” The attacks used BitLocker, a tool originally designed to prevent unauthorized access to data. A defensive tool has become a weapon in the hands of criminals. Companies using BitLocker need to use strong passwords and securely store access recovery keys. It is also important to organize a backup copy of important data. We recommend using MDR or EDR class solutions for early detection and, of course, investigating all incidents to identify the original attack vector and exclude the recurrence of similar incidents in the future," comments Konstantin Sapronov, Head of Global Computer Incident Response Team at Kaspersky. Further risk mitigation tips from Kaspersky can be found here.

More News

The 12th century Armenian church door will be moved to the Armenian History Museum

In 2035, there may be clashes between humans and robots in Europe. Europol

The winner of Eurovision 2024 has refused the trophy because of Israel's participation

Scientists have discovered the chemical composition of small asteroids

A gene editing method has been developed to destroy HIV

Signals emitted by comet 3I/Atlas confirm its natural origin

A new life form has been discovered in Chernobyl

Revival of memory and culture. "The love story of Artsakh" returned to the stage (video)

The treasures of the depository-museum of St. Etchmiadzin Cathedral

People's Artist of Russia Vladimir Simonov died

It became known where the first people came from

Chimpanzees have been found to show signs of rational thinking

A terrifying bat signal has been detected in space

Scientists warn about the deadly danger of vaping

Scientists have discovered the secret to alleviating knee pain

Scientists have found out what the void of space is made of

Scientists have recorded the brightest black hole explosion in history

Two powerful flares were recorded on the Sun in one hour

The International Festival "Theatron" aims to strengthen the cultural dialogue between Armenia and the Francophone world

Scientists have discovered a hidden sign of psychopathy in relationships

Kaspersky has detected ransomware using a legitimate Windows feature

Most read

I see you have a lot of time for interviews, clown. Tsarukyan to Topuria

Eduard Spertsyan was recognized as the best football player

The wife of the deceased member of parliament from KP, candidate for member of parliament

The plane that took off from Ankara and headed for Tripoli disappeared from the radars

The owner of the 2nd company that imported gasoline from Azerbaijan is the nephew of Samvel Aleksanyan's wife (video)

The wreckage of the plane that crashed near Ankara was found

A famous singer died due to electric shock

The commander is determined. Garnik Danielyan visited "Sisakan" detachment commander Ashot Minasyan

Vera Alentova, the main actress of the film "Moscow does not believe in tears", died

News

Israel has recognized the independence of Somaliland

Bayramov spoke about "solving the issue" of enclaves and exclaves

Brussels can no longer be considered a Belgian city. Musk. Who is the Prime Minister candidate of ANC (video)

Levon Mnatsakanyan refused to testify during the preliminary investigation in Baku court

In Great Britain, Pashinyan was called a dictator who persecutes the Church and cooperates with Azerbaijan (video)

The increase of flights from Turkey to Armenia is not new, we are aware of it. Byram

Macron knows how to organize a conversation with Putin. Russian Deputy Foreign Minister Ryabkov

Zakharova revealed the purpose of Western sanctions

Saint Mikael was operated on a while ago

J. Chichoyan, now I will answer the journalists' questions that you conducted the judicial act of Davit Hambardzumyan very objectively and in the interest of justice. lawyer

The Prime Minister of Georgia believes that 2026 will be a politically calm year for the republic

Kim Jong Un has called for an increase in ammunition production in 2026

Trump announced that US forces have struck ISIS militants in Nigeria

Rubio announced the United States' willingness to facilitate negotiations between Cambodia and Thailand

Kobakhidze. The EU should be interested in restoring relations with Georgia

The person stole 3.3 million drams by computer fraud, committed money laundering. the preliminary investigation of the criminal proceedings has been completed

The court did not take Vakhtang Mirumyan, the former deputy chairman of the SRC, into custody. Armlur

This is not a classic peace, but a model of permanent capitulation. Surens

"Mother Armenia" will participate in the liturgy to be held in the Cathedral on Sunday

A number of Ministry of Defense officials are accused of large-scale embezzlement and its support. what is known

More News