Detecting File Renaming with Abnormal File Extensions
In many cases, ransomware attempts to change or encrypt files in an infected system, and renames these files with a new file extension. The Catalogic DPX GuardMode agent stores a block list of suspicious file extensions for known malware, and occasionally updates this block list. When the Catalogic DPX GuardMode agent detects files containing any file extension in the block list, it alerts users via notification providers.
In Version 4.8.1, you can use the Catalogic DPX Master Server for the notification provider so that you see notification messages on the HTML5-based DPX Management Interface on your workstation.
Last updated