02 Mar

March 2016 – beware the new cryptolocker targeting web sites!

Welcome to another quick Boffin update!

This month saw our favourite anti-virus/malware application Trend Micro become the #1 product according to the Gartner Group, just proving to us all once again that we’ve made the right choice in choosing TrendMicro to protect our PCs and Server data! Well done! If you’re not using Trend Micro, please call us and let us set you on the right path!


However the latest in Cryptolocker attack news is that there is a ‘new’ threat on the landscape. Hackers have now started targeting web servers and websites as well as PC’s. In a similar fashion to the original cryptolocker which encrypted all the files on PC’s and connected servers/ storage this new variant encrypts all the website pages and data and displays a public facing message informing everyone you have been hacked and that to get your website back it’d cost anywhere from .4 bitcoins ($250 ish AUD) upwards.

The method being employed to hack websites is simple. Prey on the companies that have an online presence but haven’t done any patches or upgrades to the underlying software that drives their site.

WordPress and Joomla are favourites as there have been a LOT of security patches and upgrades to fix issues over the last couple of years, and unless you are paying your web developer or hosting partner to maintain and upgrade your website software then you too will be vulnerable.

For the hundreds of websites hosted with EtherTech, we are currently undergoing an audit and will be in contact with all our clients over the next few months with an overview of their site and what needs to happens to A) secure it, and B) upgrade it and keep it current.

Please feel free to employ your web developer to maintain your website with regular updates, or perform the upgrades yourself.

It’s a lot like Windows updates. There are always flaws discovered in applications, the difference is that your website is publically available to anyone in the world, and if its vulnerable to attack, so too will you and your organisation be.

A typical ‘hacked ransomware web page’ has instructions on what happened and how to pay the hackers.

They’re even cheeky enough to have a ‘chat’ option now so you can type directly with the hacker (theoretically so they can help you in paying them).. Abusing them however probably wouldn’t help.

Rest assured that Trend Micro will protect your PC’s and servers from Cryptolocker attacks, but unfortunately it won’t work on your website. The only thing to help that is regular patching and maintenance.

Please contact us if you need any more information, or stay tuned for more updates.

Until next month!