Skip to content



Ransomware scans for default file types.  It then encrypts selected filetypes, whilst leaving others intact.



As ransomware now encrypts connected USB and Dropbox (cloud solutions), it would be interesting to change the default filetypes on cloud based backups in order to protect them from identification.

The hypothesis is that by changing the filetype to a random ending, we could trick ransomware into ignoring the file. This way critical backups would be left intact.


Experiment 1

Create empty text files in a test folder.



Trick Strategy

Notepad default endings .txt = changed to .123

PDF default endings .pdf = changed to .456

Word default endings .docx = changed to .789

Rename *.txt to *.123 files

renamed text files

Experiment 2

Bulk renaming operations using third party software.

Files stored as .123 filetypes, are ignored.

Backups would therefore be safe from ransomware encryption – if stored with a unique filetype.

bulk replacement tool with steps

Step 1 = match .123

Step 2 = Extension fixed = .txt

Step 3 = Select the file to convert

Step 4 = Rename Button (Bottom Right hand side)


Clearly this is an off the cuff idea. The next question is whether the central nugget of the idea would work.  Maybe I’ll sleep on the idea, and have part 2 for you soon.



From → Uncategorized

One Comment
  1. Reblogged this on TheFlippinTruth.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: