Sunday, February 28, 11:45
Home security Windows ransomware RegretLocker also encrypts virtual disks

Windows ransomware RegretLocker also encrypts virtual disks

As security researchers have discovered, teams ransomware keep up with the trends of the IT industry and have created a new strain of ransomware for devices WindowsThe RegretLocker, capable of being encrypted data and on virtual disks.


Security company Malwarebytes reports that RegretLocker uses a clever trick to overcome the long time it took to encryption of the virtual disks of a machine.

The malware manages to close any files opened by a user and encrypt them.

X X X X X X X X X X X X X X X X David Ruiz, reported that the Chloé Messdaghi, Vice President in Point3 Security, describes RegretLocker as malware that "breaks the execution speed barrier to encrypting virtual files".

"RegretLocker actually occupies the virtual disk and is much faster to run than previous ransomware that attacks virtual files," he said.

Ruiz, however, said that despite the complexity of RegretLocker, he was quite ordinary in his appearance. He did not ask for a large ransom and he asked for them victims to communicate with attackers through e-mail.

The brief note received by the victims, entitled "HOW TO RESTORE FILES.TXT", Contained the following text:" Hello, friend. All your files are encrypted. If you want to restore them, send us an email: petro @

Ruiz said RegretLocker treats virtual disks differently from other executives, who avoid these media because they are often too large and time-consuming.

"However, RegretLocker treats virtual disks differently. Uses functions OpenVirtualDisk, AttachVirtualDisk and GetVirtualDiskPhysicalPath to attach virtual disks as physical disks to Windows computers, ”Ruiz said.

"Once the virtual disk is inserted, RegretLocker encrypts the disk files individually, which speeds up the overall process." Malwarebytes researchers analyzed a sample of RegretLocker and found that it could work device is connected to Internet as well as offline.


Please enter your comment!
Please enter your name here

Absent Mia
Absent Mia
Being your self, in a world that constantly tries to change you, is your greatest achievement


Google Maps: How to add private tags

The Google Maps application offers many features to its users, such as important landmarks located nearby. If you want...

Los Angeles: Flying cars in the city sky by 2024

Flying cars are now one step closer to becoming a reality, as one of the biggest players in the field has committed ...

How to hide the Tab bar in Safari for iPad (or reset it)

By default, Safari for iPad displays a toolbar full of browser tabs when you have more than one tab open. If you prefer ...

Bill Gates says he prefers Android smartphones to iPhones

Microsoft co-founder Bill Gates, this week participated in his first meeting with the company Clubhouse, which has the ...

Cybercriminals offer hacking services to governments

Hacking groups involved in various cybercrime are now so specialized that state governments use them for their own ...

Intel fixes bugs in Wi-Fi and Wireless Bluetooth drivers

Intel has encountered issues with Wi-Fi and Wireless Bluetooth drivers causing BSOD errors in Windows 10 and Bluetooth devices ...

Hyundai: The recall of 82.000 electric vehicles will be one of the most expensive in history Η Hyundai θα ανακαλέσει 82.000 ηλεκτρικά αυτοκίνητα για να αντικαταστήσει τις μπαταρίες τους, καθώς έγιναν 15...

Star Wars: Republic Commando is coming to PS4 and Nintendo Switch Ήταν το 1977 όταν ο George Lucas μας έβαλε στον φανταστικό κόσμο του Star Wars, μέσω...

Npower: Disables mobile app after credential stuffing attacks

One of the largest energy companies in the United Kingdom, Npower, was forced to disable its mobile app when it learned about a ...