a bit off topic, how to find encrytped files (ransom attack)
angel at pgp.16bits.net
Tue Aug 9 22:23:21 CEST 2022
On 2022-08-04 at 18:58 +0200, Uwe Brauer wrote:
> So is there any other way to run find and some other script to find
> suspicious files? Google is not really helpful
> Uwe Brauer
If you suffer a ransomware attack I would say your problem won't be
*noticing* that. If you didn't, that's a failure by the attackers. They
want you to notice (once they're finished), so that they get paid.
Most often, they will change the extension (.ransom, an email
address...) as well as include a ransom note on every directory.
Once you find what pattern they used, it's simple to find all other
files like that.
More information about the Gnupg-users