a bit off topic, how to find encrytped files (ransom attack)
tech at eden.one
Thu Aug 4 20:20:42 CEST 2022
I just check for a list of ransomware filename patterns (e.g.
On 2022-08-04 18:58, Uwe Brauer via Gnupg-users wrote:
> I apologize for this message that can be a bit off topic.
> (I am on Ubuntu 16.04)
> How can I find say encrypted files in my home directory? The idea is to
> use some magic command together with the find command.
> I know
> 1. The file command will return for example for a gpg encrypted file
> file .authinfo.gpg
> .authinfo.gpg: PGP RSA encrypted
> 2. However for X509 file I obtain
> file test.p12
> file.p12: data
> 3. I could use the ent command which measure the entropy, high
> entropy is an indication of encryption (but jpg have also high
> entropy). However I should then study the distribution of each
> letter to be sure.
> So is there any other way to run find and some other script to find
> suspicious files? Google is not really helpful
> Uwe Brauer
> I strongly condemn Putin's war of aggression against the Ukraine.
> I support to deliver weapons to Ukraine's military.
> I support the ban of Russia from SWIFT.
> I support the EU membership of the Ukraine.
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 228 bytes
Desc: not available
More information about the Gnupg-users