The Sodinokibi (REvil) ransomware has added a new feature that allows it to encrypt more of a victim’s files, even those that are opened and locked by another process. Some applications, such as database or mail servers, will lock files that they have open so that other programs cannot modify them. These file locks prevent the data from being corrupted by two processes writing to a file at the same time. When a file is locked, this also prevents ransomware applications from encrypting them without first shutting down the process that locked the file.
Source: Bleeping Computer
