PHP ransomware attacks web blogs, websites, content platforms and more…

Ransomware in simple words is a well known and smart attack in which your files are encrypted, names are scrambled and that can be reversed back! (with a decryption key). The attacker asks you some fee to share that decryption key with you.

Simply put, you need to fork hundreds of dollars to get the data back from the crooks.

Its a popular windows attack but practically can be done on any server where files can be written. We’ve seen some ransomeware attacks on Android and Linux as well.

Today as PHP is the most popular programming language(most content and management systems, such as WordPress, Joomla and Drupal use PHP), it is now on a target of attackers as well.

A new form of PHP ransomware is there now that skips the local device part of the infection and instead goes straight for Web servers. The result? Virtually any site that hosts content is under threat.
The most recent ransomware can be recognised  with the name “CTB-Locker” from the pay page. CTB-Locker was likely modeled after the Linux.Encoder.1 website ransomware found in November 2015 — this new PHP malware also displays a message to all visitors informing them that the website has been compromised.

Tips to be safe

• Pick a strong password for your web server.
• Consider using two-factor authentication.
• Review all your server related access permissions. Make sure only the authority persons are allow to make any changes.
• Make sure your servers are upgraded and are patched against security holes.
• Consider setting up a real time antivirus on your servers.  This is important.
• Keep timely backups! Offsite backups.

Hire PHP Developers for more tips and help you in all sort of PHP Development