Kaspersky has detected ransomware using a legitimate Windows feature

04.06 09:38 | Category Science and culture

Next, the malicious script sends system information and the encryption key generated on the infected computer to the malicious server. After that, it "cleans the tracks". removes logs and various files that can help investigate the attack. At the final stage, the malware forcibly blocks access to the system. The victim sees a message on the screen. "There are no options to restore BitLocker on your computer." Kaspersky experts named the malicious script ShrinkLocker. Changing parameters of hard disk partitions plays a key role during attacks. it provides an opportunity for criminals to boot the system with encrypted files.” The attacks used BitLocker, a tool originally designed to prevent unauthorized access to data. A defensive tool has become a weapon in the hands of criminals. Companies using BitLocker need to use strong passwords and securely store access recovery keys. It is also important to organize a backup copy of important data. We recommend using MDR or EDR class solutions for early detection and, of course, investigating all incidents to identify the original attack vector and exclude the recurrence of similar incidents in the future," comments Konstantin Sapronov, Head of Global Computer Incident Response Team at Kaspersky. Further risk mitigation tips from Kaspersky can be found here.

More News

Premiere. Lilit Karapetyan: "What is my fault" (video)

Elon Musk is currently working on a new version of Robots that can carry and care for a child for 9 months (video)

LIVE: Protest action of "Goi" staff in front of HRD office

Avinyan allocated 20 million drams to the "Armenian Actors' Union" NGO for the holding of the festival.

Would that some would defend the church with this same zeal in actual attacks; Nazeni Hovhannisyan

The movie "Msyo Aznavour" about Aznavour will appear at the Armenian box office

Doctor of technical sciences, professor Sargis Ghazaryan died

The Foreign Ministry confirmed that the film about Artsakh did not appear in the "Oscar" nomination due to pressure from Baku

At the request of Azerbaijan, Jordan withdrew the film about the revenge of an 11-year-old Artsakh resident submitted to "Oscar".

The policy adopted by the government aims to develop the scientific potential. Zhanna Andreasyan

The police forbade the actors of "Goi" to set up tents for the sit-in. Arzumanyan

Employees of "Goi" theater started a sit-in

We are concerned about the indicators of participation in voluntary certification and the overcoming threshold. Swajyan

A natural monument formed 300,000 years ago was just destroyed by an excavator in Hrazdan Gorge. Hayk Demoyan

An international conference dedicated to the 100th anniversary of Sergey Parajanov's birth was held in Madrid

How much money was allocated to the events dedicated to Charles Aznavour's 100th birthday?

Inviting Goi actors inside was fictitious (video)

We are not allowed to enter the "GOY" theater. the lawyer called the police

The Ministry of Justice could not issue a letter regarding the resumption of "Go". lawyer (video)

The actors of "Goi" called the police. they are not allowed to enter the theater. lawyer (video)

Kaspersky has detected ransomware using a legitimate Windows feature

Most read

Bayramov considered Armenia's absence from COP29 as a "missed opportunity".

We have casualties in the army

Dear opposition partners, I think you do not care about the fate of the prisoners. Rubinyan

Karen Sarukhanyan's uncle was also arrested in the drug case

Who are the arrested officials of Kentron administrative district?

Uruguay called on Azerbaijan to release all Armenian prisoners of war and hostages

Instead of firing people for using drugs, catch the drug dealers. Adibekyan to the Minister of Internal Affairs

The one who is talking so big now, in 2021, when Pashinyan "resigned", he was afraid to propose a new candidate for the prime minister. Khachatryan about Marukyan

Russia attacked Kiev with missiles and UAVs (photos)

News

The South Korean opposition leader was sentenced to a suspended prison sentence

Disarmament and demilitarization of Armenia. the Armenian-Azerbaijani contract, according to Edgar Ghazaryan

Turkey and Erdogan are not our friends, and Erdogan is one of the most dangerous dictators in the world. Tulsi Gabbard

Trump nominated Kennedy Jr. to be Secretary of Health

Around 600 Armenian trucks have accumulated near the Verin Lars checkpoint

Tulsi Gabbard. "Erdogan is a radical Islamist megalomaniac who wants to establish a caliphate and declare himself the caliph, the supreme ruler"

The financing and budgeting model adopted by the Ministry of Finance does not give hope. Cherubian

The US can increase its nuclear arsenal. The Wall Street Journal

Clearly today there is an urgent need for public acceptance or rejection of deep thought and ideas. Ananyan

Serob Gasparyan's detention period was extended by one month

"Veolia Water" company informs. there will be no water

Melania Trump has been called a big fan of Elon Musk

Every day of Melikbekyan's stay, our football is buried. "Shirak" reference of Gyumri

A state that does not even imagine what will happen to it in the near future. Vahe Hovhannisyan

Fire in one of the houses on Saryan street in Yerevan. "1 BIS" degree was announced (video)

The government should understand whether wages are really low or whether people really don't want to work. Papoyan

Unfortunately, football is cruel, one mistake leads to this result. Suren Chakhalyan (video)

"People". Pashinyan sent Karen Sarukhanyan, a potential candidate for the mayor of Gyumri, to take a drug test

"People". Following the "moving" earnings of Arusik Julhakyan, the author of the thought "Not everything that moves is movement"

"Publication". Gegham Manukyan ate yogurt during Nikol Pashinyan's speech

More News