What is ransomware?
Ransomware is a malicious code that encrypts your files and then asks for a ransom to decrypt them.
How can you protect yourself against ransomware?
A lot of ransomware targets windows systems, so we will focus on them, but many of the steps you find below applies to non-Windows systems as well.
Now, let’s see how to mitigate the possibility of a Ransomware attack with a bunch of countermeasures:
- %appdata%\*.exe
- %appdata%\*\*.exe
- %localappadata%\*.exe
- %localappdata%\*.exe
- %appdata%\*.exe
- %appdata%\*\*.exe
- %localappadata%\*.exe
- %localappdata%\*.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- (Get-Item HKCU:\Software\CryptoLocker\Files).GetValueNames().Replace(“?”,”\”) | Out-File CryptoLockerFiles.txt -Encoding Unicode
If you get infected, you can always cross your fingers and take a look here:
https://www.nomoreransom.org/decryption-tools.html
That’s all folks! Enjoy and try to stay safe, a thing that is becoming more and more of a challenge.