HackWarningAnother bit of ransomware is in the news. But this time security researchers aren’t able to pin down the process by which it is being delivered to unsuspecting computer users.

Here’s what they do know: Otherwise legitimate websites that are powered by WordPress have been compromised, and malicious code has been added to existing webpages.

A visitor to an infected webpage will be redirected to a different site, and a a stream of advertising will appear in the browser window. Meanwhile, the victim’s PC will be infected with ransomware if an out-of-date version of the following applications are installed on their computer:

  1. Adobe Flash Player
  2. Adobe Reader
  3. Microsoft Silverlight
  4.  Internet Explorer

Currently, it appears that only two out of the leading 66 antivirus utilities are actually able to detect the malicious software. Once the ransomware is activated on the target computer all data files will be encrypted, and a substantial payment will be demanded in exchange for a decryption key to recover them.

WordPress is a popular webpage authoring package with over 74 million hosted sites. Researchers are not able to determine how the WordPress sites are compromised, so it’s possible that an undocumented exploit is at fault. If this is the case, it’s possible that any WordPress installation (patched or not) could be enlisted in disseminating the malware.

Until more is known, here’s how you can protect yourself now:

  1. Back up your data now, and restore it if the PC becomes encrypted
  2. Uninstall any of the applications you don’t actually need
  3. Ensure that all the remaining applications are up to date
  4. Use (the more secure) Google Chrome browser instead of Internet Explorer

This post will be updated as additional information is made available.

879 total views, 3 views today