On 2022-08-09 22:23, Ángel wrote: > On 2022-08-04 at 18:58 +0200, Uwe Brauer wrote: > > > > Hi > > > > So is there any other way to run find and some other script to find > > suspicious files? Google is not really helpful > > > > Regards > > > > Uwe Brauer > > If you suffer a ransomware attack I would say your problem won't be > *noticing* that. If you didn't, that's a failure by the attackers. They > want you to notice (once they're finished), so that they get paid. > Most often, they will change the extension (.ransom, an email > address...) as well as include a ransom note on every directory. > > Once you find what pattern they used, it's simple to find all other > files like that.
I check for certain filename patterns and/or modified files (comparing to pre-created hashes) before initiating a backup. Best regards, Jan
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users