Security researchers at Kaspersky have identified a new ransomware strain called ShrinkLocker.

ShrinkLocker targets enterprise PCs in Mexico, Indonesia, and Jordan.

This ransomware utilizes VBScript to enable BitLocker encryption on Windows OS.

The attack shrinks drive partitions and creates a new boot partition, rendering the PC unusable.

ShrinkLocker disables key protections and generates a unique encryption key.

Data is unrecoverable without the attacker's key.

Mitigation steps include using robust endpoint protection and implementing Managed Detection and Response.

Ensure BitLocker uses a strong password and limit user privileges.

Monitor network traffic and log VBS and PowerShell events.

Make offline backups and test them.

Organizations must take proactive measures to protect their systems and data from this evolving threat.