In a concerning development, a new ransomware gang has emerged employing BitLocker encryption technology to hold databases hostage, demanding payment for decryption keys.
BitLocker, a Windows encryption tool, safeguards data by encrypting hard drives, requiring multi-factor authentication for access.
Reportedly, the ShrinkLocker ransomware gang has been observed targeting companies in Mexico, Indonesia, and Jordan, focusing on vaccine and steel manufacturers, along with a federal agency.
Their strategy appears clear: coerce victims into paying ransoms, especially those reliant on critical data for operations.
The onslaught of ransomware continues unabated, with criminals adopting double and triple extortion tactics. Alarmingly, some victims are targeted multiple times within a year, either due to neglecting to patch vulnerabilities or underestimating criminals’ persistence.
Recently, RansomHub, previously associated with the Alphv or BlackCat ransomware gang, resurfaced, re-victimizing those previously targeted. Notably, a victim who initially paid $22 million to BlackCat found themselves compelled to pay an additional $15 million to the subsequent gang.
These developments pose a formidable challenge for security experts and law enforcement agencies, as efforts to contain file-encrypting malware prove increasingly difficult.
We welcome suggestions from readers on combating this growing threat.