Does Huntress detect ransomware?

Ransomware detection was not the intent of Huntress. Ransomware typically does its malicious activity and deletes itself, whereas Huntress was developed to look for malware that is meant to run long term on a computer. Occasionally we do detect indications of ransomware, but when we do it has already encrypted the files. Sometimes we flag an encrypted desktop.ini file or a ransom notice within a user’s startup folder. Unfortunately, some newer ransomware variants only encrypt document files (PDF, Word, XLS, etc.) and don't drop a ransom notice, so those ransomware infections would not be seen by Huntress at all.

Still need help? Contact Us Contact Us