Hi,
What happens in case of a ransomware infection?
Will Cryptomator’s virtual drive be encrypted by ransomware infection as well?
That means also synchronized files in cloud provider’s server will be encrypted by ransomware… right?
Thanks for any advice.
Best regards,
Roberto Jobet
I guess, if you have your vault opened and mounted during the ransomware attack, then it is most likely that also the files in your vault will be affected. but: the sync does not happen automatically. So I assume, if you do not recognize the attack (during your vault is opened), and do start a sync to your cloud after the attac, then you are in trouble .
Your encrypted files are still files! So I suspect they absolutely will be. They’ll be encrypting an encrypted file! Doesn’t matter if it is unlocked or not!
Your best protection, besides vigilance, is backups. Assuming your drive is also in a cloud service (hence the use of cryptomator) they usually back up but a dedicated backup (especially multiple) is your best bet.
You are totally right. Sorry, I didn’t understand the question correctly.
OneDrive includes a 30day backup and restore in case of a ransomware attack: https://support.office.com/en-us/article/restore-your-onedrive-fa231298-759d-41cf-bcd0-25ac53eb8a15