ShrinkLocker: Ransomware Exploits BitLocker for Drive Encryption


Summary:

ShrinkLocker is a new ransomware strain that exploits Microsoft’s BitLocker to encrypt entire drives, using a VBScript to shrink partitions and create new boot volumes. It disables Remote Desktop Protocol (RDP) and modifies registry settings to enforce encryption, which makes detection difficult. Instead of leaving a ransom note, it embeds the attacker’s contact email in the boot partition labels, and it deletes BitLocker protectors to prevent recovery.
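
A read-only triage check for the two on-disk traces named in the summary (an e-mail address in a volume label, and encrypted volumes whose protectors are missing), added here as an example and not taken from the advisory. The function names, the e-mail pattern and the "no recovery password" threshold are assumptions chosen for illustration; run it from an elevated PowerShell session on a host with the BitLocker module.

```powershell
# Added example: read-only checks, nothing on the host is modified.
# Assumption: a volume label that looks like an e-mail address is abnormal.
$emailLike = '[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}'

function Get-SuspiciousVolumeLabel {
    # Hypothetical helper: lists volumes whose label contains an e-mail-like string.
    param([object[]]$Volumes = (Get-Volume))
    $Volumes |
        Where-Object { $_.FileSystemLabel -match $emailLike } |
        Select-Object DriveLetter, FileSystemLabel, FileSystemType, Size
}

function Get-BitLockerProtectorGap {
    # Hypothetical helper: lists volumes BitLocker has touched that have
    # no key protectors at all, or no RecoveryPassword protector.
    param([object[]]$BitLockerVolumes = (Get-BitLockerVolume))
    foreach ($v in $BitLockerVolumes) {
        # Volumes that were never encrypted are out of scope.
        if ($v.VolumeStatus -eq 'FullyDecrypted') { continue }

        # Collect protector types as strings; tolerate an empty or null list.
        $types = @($v.KeyProtector | Where-Object { $_ } |
                   ForEach-Object { "$($_.KeyProtectorType)" })

        if ($types.Count -eq 0) {
            $finding = 'NoProtectors'
        } elseif ($types -notcontains 'RecoveryPassword') {
            # Heuristic: may also match legitimate TPM-only setups; review by hand.
            $finding = 'NoRecoveryPassword'
        } else {
            continue
        }

        [pscustomobject]@{
            MountPoint   = $v.MountPoint
            VolumeStatus = "$($v.VolumeStatus)"
            Protectors   = ($types -join ',')
            Finding      = $finding
        }
    }
}

Get-SuspiciousVolumeLabel | Format-Table -AutoSize
Get-BitLockerProtectorGap | Format-Table -AutoSize
```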
Threat Level – Red | Attack Report
