RegretLocker can bypass the often-long encryption times required when encrypting a machines virtual hard disks. It can close any files currently opened by a user to then encrypt those files, too. As of Tuesday, our threat intelligence team only knew of one in-the-wild reported sample, with no known or reported victims. The short note that victims receive, titled HOW TO RESTORE FILES.TXT contains the following text: Hello, friend. If you want to restore them, please email us : [email protected]”]

