Kaspersky has detected ransomware using a legitimate Windows feature

04.06.2024 09:38 | Category Science and culture

Next, the malicious script sends system information and the encryption key generated on the infected computer to the malicious server. After that, it "cleans the tracks". removes logs and various files that can help investigate the attack. At the final stage, the malware forcibly blocks access to the system. The victim sees a message on the screen. "There are no options to restore BitLocker on your computer." Kaspersky experts named the malicious script ShrinkLocker. Changing parameters of hard disk partitions plays a key role during attacks. it provides an opportunity for criminals to boot the system with encrypted files.” The attacks used BitLocker, a tool originally designed to prevent unauthorized access to data. A defensive tool has become a weapon in the hands of criminals. Companies using BitLocker need to use strong passwords and securely store access recovery keys. It is also important to organize a backup copy of important data. We recommend using MDR or EDR class solutions for early detection and, of course, investigating all incidents to identify the original attack vector and exclude the recurrence of similar incidents in the future," comments Konstantin Sapronov, Head of Global Computer Incident Response Team at Kaspersky. Further risk mitigation tips from Kaspersky can be found here.

More News

Declassified NASA materials have sparked a shocking new discussion about the Moon

The "Classical Eurovision 2026" contest has started in Yerevan. The representative of Armenia will give a speech on the 6th

"The End of Genocide": The Russian edition of Raymond Gevorgyan's work was presented in Yerevan

Around 30 state and private museums and collections of Artsakh appeared in the conditions of the archaeological flood

"Sacrifice to the gods". a chance walk in Norway led to a sensational find

Scientists have found that Neanderthal genes may be the cause of depression

Scientists have explained the phenomenon of "sixth sense".

Scientists have discovered an unusual arachnid in amber, dating back 35 million years

Scientists have found that every person's brain is "wired" for music from birth

Scientists have found that pepper leaves can slow down the deposition of fat

2026 is an important year for 6G and smart systems

NASA is preparing a technological base for flights to Mars

"We almost had a disaster." NASA's belated confession

Scientists have found out what kind of behavior "reveals" a confident man

Scientists have discovered a hidden sign of psychopathy in relationships

Scientists have found a way to "turn off" prostate cancer genes

Products found to be hazardous to the mobility of the elderly

Scientists warn about the deadly danger of vaping

Scientists have created crystals that defy the laws of physics for the first time

Scientists have warned of the high dangers of electric scooters for children

Kaspersky has detected ransomware using a legitimate Windows feature

Most read

The meeting of foreign ministers of Russia and Turkey took place in Moscow

The mother hesitates, does not drink water, says that water is her enemy. details about the accident (video)

"People". Being elected as an opposition member of parliament becomes a basis for criminal prosecution

The EU is developing a package of accelerated measures to improve trade ties with Armenia

The body of a drowned 7-year-old girl was found in Pambak river

"Publication". Chaotic situation. Armenian drivers are in a desperate situation

The Stockholm Arbitration Tribunal has satisfied the petition of the RA government in the case of the HEC

This bridge was first targeted by the US. Melikyan's comment from post-war Iran

Macron emphasized the need to maintain the terms of the US-Iran agreement

News

The President of the Republic of Korea asked the Pope to visit the DPRK

Trump surprised his aides by signing the Iran deal in Versailles

White House. The US and Iran have yet to agree on plans to start talks

On the eve of astronomical summer, June 20, the highest temperatures of the year are expected

Currency exchange rate at exchange points as of June 19

They demand Kostanyan from Russia. "Publication"

They canceled it in the Ministry of Defense, but not in the Ministry of Internal Affairs. "Publication"

"Publication". Who are running for the position of RA president?

"Publication". Tatoyan took a big loan

"Right". "Strawberries in Armenia are what are produced in France"

"People". The results of the elections have not been summarized yet, but the issue of Vardevanyan's mandate is already being discussed

"Publication". What does Pashinyan promise Aliyev in exchange for not changing the Constitution?

"Right". Nicole's post-election tweets

Declassified NASA materials have sparked a shocking new discussion about the Moon

Germany will jointly develop an air defense system with Ukraine

"They put guns to their heads", they take them to vote, people are in captivity, they must be released: Ishkhanyan (video)

The 13-year-old girl has not yet been found in Pambak river. The search will continue tomorrow

The US lifted the naval blockade of Iranian ports

The US is negotiating with the Cuban government. Vance:

The child who participated in the metro incident with Pashinyan, the grandson of Meruzhan Mosiyan, defeated the Turkish rival

More News