[Samba] Ransomware?
Dmitry Melekhov
dm at belkam.com
Mon May 16 11:04:17 UTC 2016
16.05.2016 14:38, Reindl Harald пишет:
>
>
> Am 16.05.2016 um 07:32 schrieb ToddAndMargo:
>> May I surmise that all the encrypted file now have
>> an extra extension of ".crypt"? So it is easy to
>> see who got clobbered.
>
> how do you come to that conclusion and even if some malware acts that
> way what makes you sure you can rely on that? IMHO it would only be so
> when the developer of the ransomware is a fool!
By the way, could someone recommend best , or at least way this one
really use, to detect that there was massive file encryption?
Thank you!
>
> why should he give you something to make a "locate .crypt" on the
> fileserver and backups easy?
>
>
>
More information about the samba
mailing list