Tools5 min read
GhostLock Locks 500K Files in 3 Minutes Without Encryption
A new proof-of-concept tool abuses Windows CreateFileW API to block file access across SMB shares. The technique evades all tested EDR products and requires no elevated privileges.
David OkonkwoMay 12, 2026