[ALUG] CTB-Locker

Andreas Tauscher ta at geuka.net
Mon Feb 29 18:44:21 EAT 2016


Since about a week a ransomware named CTB-Locker which was up to now
only known to encrypt files on Windows machines and blackmailing
bitcoins for the key to decrypt the files again is now in the wild as a
reimplementation in PHP.

After it got on a website it starts do encrypt files.
The criminals are even running a support chat to assist with the payment
of 0.4 Bitcoins.
Actual 1 Bitcoin is ~430 USD so they try to blackmail ~170 USD
As far is known most of the encrypted websites have been running
Wordpress or Joomla.

It is no miracle that they attack mainly Worpress and Joomla: It is
easy. Worpress and Joomla are hackers darling.
Many pages are unmaintained since years and full with unfixed bugs.

If you are running or maintaining Wordpress, Joomla or any other CMS:
* Keep it always up to date!
* Make frequently backups of files and database!

If you simply have a CMS website:
* Look for somebody who is serious doing the maintenance for you!
* Alternatively opt for a static website without Worpress, Joomla,
drupal or something similar. A CMS needs permanent maintenance!

Andreas

PS: And some nice words to the f.... ass.... doing in 2016 websites with
Joomla 1.5 which is EOL since 2012 (!) or Wordpress 3.5 which is also
EOL since years.
You should read what is worpress is writing on their release page
https://wordpress.org/download/release-archive/
"None of these are safe to use, except the latest in the 4.4 series,
which is actively maintained."
Somehow I really hope a bunch of your cheated clients getting a victim
of CTB-Locker and a niche lynch mob is showing up at your office :>
Idiots like you making this business model for criminals possible!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.habari.co.tz/pipermail/linux/attachments/20160229/7cf1fb24/attachment.pgp>


More information about the Linux mailing list