def on_moved(self, event):
print("moved/renamed: " + event.src_path)
path, file = os.path.split(event.src_path)
rename_counter.append(file)
# One indication to know how to check Ransomware attack is when there is an increase
# in file renames and your data becomes encrypted.
# therefore, if we identify many of file renames, it's potential Ransomware issue.
if len(rename_counter) > 2:
print(f"The files {rename_counter} might be encrypted!")
ransomware_check.main()
def on_modified(self, event):
print("modified: " + event.src_path)
ransomware_check.main()
def on_created(self, event):
print("created: " + event.src_path)
time.sleep(10) # wait for the user to write the name of the file.
ransomware_check.main()