Reinvented ransomware shifts from pwning PC to wrecking websites

A new ransomware variant appears to be ripping through WordPress sites encrypting data and demanding a payment of half a bitcoin to release files. The website variant of CTB Locker is encrypting all files on WordPress-powered sites and replacing the index.php with a file that displays instructions for paying the ransom. It …

  1. Dan 55 Silver badge
    Facepalm

    Did some of the businesses even notice?

    Because looking at some of the websites, the ransom page is still there but the deadline passed a week or more ago.

  2. Anonymous Coward

    BOFH Strangely prescient

    "So how secure is it?" he asks pointedly

    "A WordPress site?" I ask "Configured with every plugin under the sun? Loosely 'administered' by the PR team? Hosted on a cloud server in who-knows-where, chosen with the same care and attention you'd use in picking a toilet to use after seven pints and a bad curry and a half hour tube ride which only gets you half-way home."

    ... and more at http://www.theregister.co.uk/2016/02/26/bofh_2016_episode_3/ though at least the PR website in question was backed up and restored from on an hourly basis.

  3. TeeCee Gold badge

    .....targets WordPress......

    Rude not to really, when there are so many well-known and documented vulns to play with.

  4. Anonymous Coward

    "manufactures machinery for the healthcare and tobacco industries "

    How one branch of the company sustains the other...

  5. Anonymous Coward

    If I where a white hat...

    ... I wouldn't boast much about the lack of crypto skill in ransomware - I'd happily let them use crappy code so victims can be restored without having to pay.

    1. Anonymous Coward

      Re: If I where a white hat...

      Well, good attempt at using the subjunctive. Pity you picked the wrong word.

      Try "were"

  6. To Mars in Man Bras!
    WTF?

    Apparently...

    ... you can counteract this by miniaturising yourself and hiding inside a jigsaw box.

    er... or something.

  7. adnim

    "Victims...

    can decrypt two separately-encrypted files for free in a bid by attackers to demonstrate the legitimacy of the ransom demand."

    Or they can restore the site in 10 minutes from off-line backups and tell the attackers to go fsck themselves... Presuming one does have a current backup. Of course finding the attack vector and removing/patching it is likely to take more than 10 minutes.

    1. druck Silver badge
      Happy

      Re: "Victims...

      Just make sure that one of the two free files is a tarball backup of the entire site.

    2. Steven Roper

      Re: "Victims...

      Or don't use Wordpress.

      Customising Wordpress is a nightmare. Masses of indecipherable CSS and PHP files all over the place like a dog's breakfast, directories within directories containing bits and bobs and god-knows-what, it's an utter pile of trash.

      Write your own code you lazy bastards. Then you know exactly what does what and where it's supposed to go. I can set up an easily maintainable small-business ecommerce website with protection against SQL-injection and XSS attacks, full CMS, invoicing and inventory management system, with at most 20 or so PHP files, 10 or so Javascript files, 3 CSS files and a single MySQL database with 28 tables. Why all these piles upon piles of crap in systems like Wordpress? With custom code you can strip it down to the bare bones required for the specific site and its needs.

      Further, it confuses casual intruders. I know security through obscurity is not a good rationale for a high-profile site, but for a small-business mum-and-dad online shop it does add a layer of protection; if an intruder comes by and spots a Wordpress or Joomla install, they're more likely to exploit its known vulnerabilities, whereas fingering through an unfamiliar pile of custom PHP+Javascript for such a small site isn't worth their time and bother for the returns they'll get. These crooks look to strike in volume over hundreds of sites, because they know small-business site operators can't pay much, so they'll focus mainly on sites they can attack en masse for aggregate returns.

      1. a_yank_lurker

        Re: "Victims...

        The problem is the high school kid they hired does not know of more advanced methods and tools whether it's Rails, Django, or MEAN. These tools require a deeper knowledge to use than configuring a few bits on Wordpress. Also, PHP is noted for a rather dodgy language (in fairness to its originators it evolved into a sort of language).

      2. Ed_UK

        Re: "Victims...

        @ Steven Roper

        "Write your own code you lazy bastards. Then you know exactly what does what and where it's supposed to go. I can set up an easily maintainable small-business ecommerce website with protection against SQL-injection and XSS attacks, full CMS, ..."

        Steven, I'd like to learn how to do some of this stuff for myself but my qualifications are in electronics, not software. Can you suggest some pointers for getting started, please? I realise that this may be too ambitious a goal, but I read these pages to further my knowledge. Thanks.

  8. A Ghost

    Storm in a teacup

    Ransomware won't exist in six months' time.

    I know, the government told me. They said they are stopping funding for the police and bobbies on the beat so they can tackle the ever growing threat of people speaking their minds terrists, peeds, and ransomers.

    You'll have to hunt down the perpetrators yourself. In fact, don't do that, or else you will end up being nicked. And if someone starts beating your dog/wife/child to a pulp in front of your very eyes, DO NOT, repeat DO NOT try to defend them, or you'll be up on a charge as well. When being raped, DO NOT fight back, groan and say OOOH I LIKE IT LIKE THAT MORE MORE, or else you will be had up for obstructing a rapist in the vinegar throes of his crime - very serious indeed. Take it like a man if it's homosexual rape, and lie back and think of England, if you are a woman.

    I don't know about you, but I feel safe at night with my hot mug of horlicks, knowing these fascist cunts wonderful government people, are looking after us.

    Nothing to see here...

    Just another sensationalist post. Sheesh, don't you people have lives to live...
