The ShrinkLocker BitLocker Ransomware Recovery and Decryption
In our recovery lab today at Lockbit Decryptor, we isolated a sophisticated attack vector identified as ShrinkLocker. This strain does not rely on custom cryptographic primitives but instead weaponizes the native Windows BitLocker utility to encrypt storage drives. Our forensic analysis confirms this is a “living-off-the-land” (LotL) attack where the actors abuse legitimate administrative tools…