A new methodology for instigating ransomware makes use of Windows' own Encrypting File System (EFS). EFS has been a part of Windows since Windows 2000. Unlike Windows' BitLocker -- which is a full disk encryption feature -- EFS can selectively encrypt individual files or folders. It does this transparently to the user, using a key that is partly stored in an accessible file, and partly computed from the user's account password.
Malware & Threats·Ransomware
New Ransomware Process Leverages Native Windows Features
A new methodology for instigating ransomware makes use of Windows' own Encrypting File System (EFS). EFS has been a part of Windows since Windows 2000. Unlike Windows' BitLocker -- which is a full disk encryption feature -- EFS can selectively encrypt individual files or folders. It does this transparently to the user, using a key that is partly stored in an accessible file, and partly computed from the user's account password. The post New Ransomware Process Leverages Native Windows Features appeared first on SecurityWeek.
Latest News
- TrueConf Zero-Day Exploited in Asian Government Attacks
- In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
- Critical ShareFile Flaws Lead to Unauthenticated RCE
- Mobile Attack Surface Expands as Enterprises Lose Control
- React2Shell Exploited in Large-Scale Credential Harvesting Campaign
- T-Mobile Sets the Record Straight on Latest Data Breach Filing
- North Korean Hackers Drain $285 Million From Drift in 10 Seconds
- Critical Vulnerability in Claude Code Emerges Days After Source Leak
Publisher