a bit off topic, how to find encrytped files (ransom attack)
oub at mat.ucm.es
Thu Aug 4 18:58:57 CEST 2022
I apologize for this message that can be a bit off topic.
(I am on Ubuntu 16.04)
How can I find say encrypted files in my home directory? The idea is to
use some magic command together with the find command.
1. The file command will return for example for a gpg encrypted file
.authinfo.gpg: PGP RSA encrypted
2. However for X509 file I obtain
3. I could use the ent command which measure the entropy, high
entropy is an indication of encryption (but jpg have also high
entropy). However I should then study the distribution of each
letter to be sure.
So is there any other way to run find and some other script to find
suspicious files? Google is not really helpful
I strongly condemn Putin's war of aggression against the Ukraine.
I support to deliver weapons to Ukraine's military.
I support the ban of Russia from SWIFT.
I support the EU membership of the Ukraine.
More information about the Gnupg-users