Programmer Humor

32371 readers

537 users here now

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

Posts must be relevant to programming, programmers, or computer science.
No NSFW content.
Jokes must be in good taste. No hate speech, bigotry, etc.

founded 5 years ago

MODERATORS

[email protected]

784

In case of cyberattack (sopuli.xyz)

submitted 1 year ago by [email protected] to c/[email protected]

42 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 11 points 1 year ago (2 children)

The advice I've always heard is disconnect network but leave powered for forensics/recovery. Some ransomware store the decryption key soley in memory, so it is lost upon power loss

[–] [email protected] 2 points 1 year ago

That actually makes sense. We had a ransomware attack once. We also disconnected the device but I cant remember if we powered it off. At the time it stopped encrypting due to that since our network drives were not reachable anymore.

Is there actually a way to spread the encryption process to a server?

[–] [email protected] 1 points 1 year ago (1 children)

Im not a it expert at alll. But reallly ?

[–] [email protected] 1 points 1 year ago

Best I understand the encryption key is needed to encrypt and decrypt, so if the malware isn't written well enough it may well continue to store the encryption key in memory.

There's some old malware on archive.org that just pulls the FAT off the filesystem into memory and offers a dice roll to restore it