• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

Ransomware Malware on the Web?

April 28, 2012Tony Perez

4
SHARES
FacebookTwitterSubscribe

As the week comes to a close I wanted to take a minute to talk about something we haven’t yet – Ransomware Malware.

The idea came from a case this week where a client was defaced. Instead of engaging the host or malware professional she took it upon herself to plead with the attacker via the provided email (you have to love egos). What was most amusing is that the attacker finally gave in and restored her website to get her off his back.

Obviously not something we recommend, but an amusing story nonetheless. She turned his defacement and retaliated with a little something we like to call, “Begware.”

And so this got us thinking about something that has predominantly been isolated to the notebook and desktop environments – ransomware malware.

What is Ransomware Malware?

It’s a type of malware designed to hijack a victim’s information, often isolated to local environments, in return for money or some other collateral. It actually made its debut back in 1989 in a trojan called PC Cyborg.

The idea is simple, keep you from your data.

Imagine one day turning on your computer and seeing a splash page that provides you instructions on how to go about retrieving your information. To retrieve it though you must pay the attacker X amount of dollars in return for a key that will undo what kept you from your data.

Ransomware and the Web

So the obvious question: Is it a trend we’re seeing on the web? The answer is no, but a definite possibility.

Thinking Through It

What would you do if you opened your site one day and it had an ugly defacement on it? Something like this:

Instead of being informed of the weakness in your website’s security and their obvious superiority, you get a message that says:

We have stolen your website, send money via PayPal to this account and we’ll reinstate your site!!!

What Would You Do?

The harsh reality of the situation is that some folks would most likely comply with such demands. That is the part that worries us the most, not those that would see this and laugh, but rather those that would see this and comply.

What To Do

If ever presented with something like this, don’t fret. The web-o-sphere is a different animal than local environments. There is no one piece of the puzzle that can be kicked out from under you, as long as you are being proactive.

The key word being – proactive.

Understand that you and only you are responsible for your website. It’s easy to pass the buck off to someone else, your developer, designer, host, or the malware company but in the end, it’s your site. Take ownership!

So here is a list of what to do:

  1. Take a step back, collect yourself, and breathe
  2. Call your hosting company
  3. Have them apply your backups – You have backups right?
  4. Change all your credentials – FTP, SFTP, SSH, Admin Panel, CPANEL, Database, etc..
  5. Engage with a malware company

If you are a proactive website owner then you would have done your homework and you would have:

  1. Host contact information in the event of emergencies
  2. Understanding of host protocols when it comes to malware
  3. Backups going back at least 1 week of your database and website

Looking Forward

While not currently an active web-based threat it was good to take a minute to stop and think about it. To think about what someone would do if it ever happened and how it could be applied is fundamental to how we do business. Additionally, with the evolution and increased sophistication of web-based malware we would not be surprised to see it.

Fortunately, as in most cases, by taking a few proactive steps a website owner is able to keep themselves from becoming a victim.

If you have seen cases of this or experienced it yourself we would love to hear from you. Send us a note at info@sucuri.net

4
SHARES
FacebookTwitterSubscribe

Categories: Security Education, Website Malware Infections, Website SecurityTags: Malware Cleanup, Website Ransomware

About Tony Perez

Tony is the Head of Security Products at GoDaddy and Sucuri Co-Founder. His passion lies in educating and bringing awareness about online threats to business owners. His passions revolve around understanding the psychology of bad actors, the impacts and havoc hacks have on website owners, and thinking through the evolution of attacks. You can find his personal thoughts on security at perezbox.com and you can follow him on Twitter at @perezbox.

Reader Interactions

Comments

  1. Matt McInvale

    April 28, 2012

    Great writeup. Will be very interesting to see if this type of thing starts happening.

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

2019 Threat Report

The Anatomy of Website Malware Webinar

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2021 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.