So far we’ve seen news about ransomware that encrypts your PC, but a new strain of the malicious software targets websites.
A firm called Wordfence has discovered EV Ransomware which it says can encrypt a WordPress website. According to the firm an attacker will compromise a site running the WordPress content management system (CMS) and upload the ransomware.
Once uploaded the software encrypts the entire site.
At time of writing, the security firm says that while the ransomware has been spotted it isn’t exactly complete. While the encryption part of the ransomware works just fine decrypting the data doesn’t.
“If you are affected by this ransomware, do not pay the ransom, as it is unlikely the attacker will actually decrypt your files for you. If they provide you with a key, you will need an experienced PHP developer to help you fix their broken code in order to use the key and reverse the encryption,” says Wordfence.
The team first spotted EV in July but as of time of writing says that so far it has only seen attempts to upload the ransomware to sites running WordPress. That said, malware has a habit of evolving quickly and being disastrous when it does.
EV appears to be an adaptation of ransomware that was uploaded to Github in May 2016.
Those that have websites that run WordPress are advised to keep “good offline backups” and to use a firewall for protection.[Source – Wordfence] [Image – CC BY 2.0 StickerGiant Custom Stickers]