p15693087
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

Docs: Improve language regarding ransomware targeted file extensions

This commit is contained in:
Mike Salvatore 2021-06-30 08:41:26 -04:00
parent 2427393e4a
commit ebab7be32b
1 changed files with 5 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
docs/content/reference/ransomware.md
View File

@ -56,8 +56,8 @@ notify and prevent these changes from taking place.
## Which files are encrypted? ## Which files are encrypted?
All regular files with [valid All regular files with [targeted file
extensions](#file-extensions-targeted-for-encryption) in the configured extensions](#files-targeted-for-encryption) in the configured
directory are attempted to be encrypted during the simulation. directory are attempted to be encrypted during the simulation.
The simulation is not recursive, i.e. it will not touch any files in The simulation is not recursive, i.e. it will not touch any files in
@ -68,12 +68,10 @@ These precautions are taken to prevent the monkey from going rogue and
accidentally encrypting files that you didn't intend to encrypt. accidentally encrypting files that you didn't intend to encrypt.
## File extensions targeted for encryption ## Files targeted for encryption
Encryption attempts are only performed on regular files with the following Only regular files with certain extensions are encrypted by the ransomware
extensions. simulation. This list is based on the [analysis of the Goldeneye ransomware by
This list is based on the [analysis of the Goldeneye ransomware by
BitDefender](https://labs.bitdefender.com/2017/07/a-technical-look-into-the-goldeneye-ransomware-attack/). BitDefender](https://labs.bitdefender.com/2017/07/a-technical-look-into-the-goldeneye-ransomware-attack/).
- .3ds - .3ds