W
Wave
If you backup the encrypted files it will be fine. Unless the hardware used to store the encrypted files has been exploited (e.g. BadUSB with a USB to spread across over systems silently in the background) then the ransomware won't be able to spread across systems... And regardless, unless an exploit like that was being used, you'd need the ransomware launcher to be executed on the system for it to encrypt the files of that host as well, and the encrypted files are encrypted and unusable, not infected like a virus... And the loader is often removed by the launcher after the encryption process.Hi guys , I am here with another curiousity:
on bleepingcomputer , they suggest to make (into an externals HD ) an image of the HD encrypted by a ransomware ( because of the possibility to be able to decrypt the files in the future, if someone make up a decryptor.. And to decrypt other things like registry keys or ransom notes could be useful ) ,
so I wonder : since ,in the image ,files are compressed, can the ransomware be active and encrypt other files i put later ( or already are) in the same external HD
Thank you
If you move encrypted files to an external HDD and then you move normal files to this external HDD they won't become encrypted, since there will be no active ransomware to encrypt the newly added files... It doesn't work like magic, it can't just magically re-appear and execute the encryption code! (and the encrypted files aren't infected and thus there is no executable ransomware code to spread the encryption should the user try to run the encrypted files - assuming this is the case, you never know, malware is evolving all the time!).