New Ransomware Process Leverages Native Windows Features
A new methodology for instigating ransomware makes use of Windows’ own Encrypting File System (EFS). EFS has been a part of Windows since Windows 2000. Unlike Windows’ BitLocker — which is a full disk encryption feature — EFS can selectively encrypt individual files or folders. It does this transparently to the user, using a key that is partly stored in an accessible file, and partly computed from the user’s account password.
Read more: New Ransomware Process Leverages Native Windows Features
Story added 21. January 2020, content source with full text you can find at link above.