Ransomware encrypts all files and subfolder files in such as Pictures, Documents, and Videos so they cannot be accessed, to panic users.
What if the ransomware meets an endless subfolder ...
- Open command prompt, go to test folder, e.g. C:\Temp
- Create a sub folder named
mkdir !loop_for_ransomware - run
cd !loop_for_ransomware - run
mklink /d one ..\!loop_for_ransomware - run
mklink /d two ..\!loop_for_ransomware - these 2 symbolic links form an endless loop, you can verify this by
dir /s
- Open command prompt, go to test folder, e.g. C:\Temp
- run
for /R %x in (*.*) do ren "%x" *.test, to simulate "ransomware operation"
You can see only the first level files in the parent folder is affected, the files under subfolder have no change, because the "ransomware operation" is looped in the subfolder of !loop_for_ransomware
https://ss64.com/nt/mklink.html
ransomware simulation ransomware assessment eddie chu [email protected] anti-ransomware endpoint test infosec security cyber security cybersecurity incident response hacker antimalware anti-malware defense testing pentest penetration test Running wheel for Ransomware