ShrinkLocker: Turning BitLocker into ransomware
Malware Analysis, News and Indicators - Latest topics malware.news
Introduction
Attackers always find creative ways to bypass defensive features and accomplish their goals. This can be done with packers, crypters, and code obfuscation. However, one of the best ways of evading detection, as well as maximizing compatibility, is to use the operating system’s own features. In the context of ransomware threats, one notable example is leveraging exported functions present in the cryptography DLL ADVAPI32.dll, such as CryptAcquireContextA, CryptEncrypt, and CryptDecrypt. In this way, the adversaries …