WordPress websites now being attacked by ransomware

In the past, we have blogged about a strain of ransomware called Cryptolocker, which encrypts all the files on your machine (and network, if it can), then demands payment to reinstate access to your files.

Now, a similar attack is occuring to websites powered by popular CMS WordPress. Once this occurs, the whole website is encrypted, and all visitors to the website see a demand for payment instead.

There is currently no way of decrypting these files beyond paying the demand and hoping the criminals are true to their word. Cryptographers have released tools to decrypt files for free in the past, so it’s not impossible that they will find a way to decrypt this new attack.

Of course, one should definitely not hang their hopes on a free fix being made available. As always, ensuring your website CMS is completely up to date, and making sure you have adaquate backups to revert to in an emergency is the best way to combat such threats.

 

Posted in Security, Wordpress

Leave a Reply

Your email address will not be published. Required fields are marked *

*