a bit off topic, how to find encrytped files (ransom attack)
Ángel
angel at pgp.16bits.net
Tue Aug 9 22:23:21 CEST 2022
On 2022-08-04 at 18:58 +0200, Uwe Brauer wrote:
>
> Hi
>
> So is there any other way to run find and some other script to find
> suspicious files? Google is not really helpful
>
> Regards
>
> Uwe Brauer
If you suffer a ransomware attack I would say your problem won't be
*noticing* that. If you didn't, that's a failure by the attackers. They
want you to notice (once they're finished), so that they get paid.
Most often, they will change the extension (.ransom, an email
address...) as well as include a ransom note on every directory.
Once you find what pattern they used, it's simple to find all other
files like that.
Regards
More information about the Gnupg-users
mailing list