Hello,
Some .stop files got flagged for possible ransomware. Googling .stop files come back as a STOP/DJVU Ransomware. I can't find anything else on whether these files are legitimate and so I wanted to ask the community. Does anyone know if these files are legit? Our environment is operationally sound. Nothing out of the ordinary. None of these files are encrypted. No note. Operations is perfect. Our security stack is not reporting anything unusual as well.
The following path contains multiple .stop files. A ticket has been opened with support. If these are normal files, why would VMware utilize a file type that is associated to a known ransomware? Any insight is greatly appreciated. Thanks in advance.
/opt/vmware/vpostgres/12/share/tsearch_data/