Ransomware Targets WordPress

Recently, we've seen ransomware being used in attacks targeting WordPress sites. I received an email earlier today from the developer of my security plugin, alerting me of the news. The following post describes what this ransomware does and how to protect yourself from being hit by this attack.

What Is Ransomware?

Ransomware is malicious software that an attacker installs on your computer or on your server. They use an exploit to gain access to your system, and then the ransomware executes, usually automatically.

Ransomware encrypts all your files using strong unbreakable encryption. The attackers then ask you to pay them to decrypt your files. Usually payment is via bitcoin. Bitcoin gives the attackers a way to create an anonymous wallet into which the ransom can be paid. “That wont happen to me”. I know what you're thinking, nobody has an interest in installing ransomware on your site. You don't have millions of dollars, so why would they target you?

Would it surprise you to know that the average ransomware payment is only $1077? [Source: Symantec Threat Report 2017]

During the analysis of malicious traffic targeting WordPress sites, they captured several attempts to upload ransomware that provides an attacker with the ability to encrypt a WordPress website’s files and then extort money from the site owner. How To Protect Yourself

This ransomware was first seen by used in a single attack attempt on July 7th.

My website hosting and security package will protect you from being hit by this in the first place.

If you're already a client, you can disregard everything you just read. You're protected. If you're not one of my hosting clients, now is a good time to seriously consider how this could affect your business. It is important that you don’t store your backups on your web server. If, for example, they’re stored in a ZIP archive on your server, then if your site is taken over by this ransomware, the backups will also be encrypted and will be useless. Your backups should be stored offline, either with your hosting provider or using a cloud storage service like Dropbox. A Few Last Questions
  • Who's protecting your website?
  • Are you doing regular backups
  • What security features are installed on your site?

  • If you're struggling to answer these questions. [email protected]

    Leave a Reply