Ransomware is a business. And like all smart business people, hackers look for efficiencies to increase revenue and lower cost of delivery.
This helps explain why ransomware’s evolving. One piece of evidence: hackers are using it to target compromised WordPress blogs.
It’s nothing new, of course. Compromised WordPress blogs have been favorite targets for years. But ransomware is a much faster way for criminals to cash in. Just lock down the site until the victim shells out. It’s Business 101, via Don Corleone.
One-step monetization for cybercriminals.
Ransomware is way easier than the traditional path to monetization. The old school way is to scan the internet for websites running old WordPress, or WordPress with out-of-date plugins. When you find a target, compromise it and use the site to host phishing websites, deliver drive-by malware or rent time to spammers.
Next, send out massive phishing campaigns luring victims to your compromised website, which you design to look like a bank. Collect banking credentials or other credentials. Go on a shopping spree for Macbook Pros, iPads, whatever. Have your mules ship the ill-gotten hardware to your home country and resell it to local currency.
Now enjoy a nice a steak dinner. You’ve earned it because, man…all those steps are exhausting. Smart operators skip them and go straight for the jugular.
Here’s how to avoid it.
First, don’t have a lame password.
Second, leave Auto Updates alone. Just leave it on. You need to turn it off yourself before Auto Updates stops.
Third, back up your WordPress site regularly. It’s quick and easy, so just do it.
Fourth and last, it’s WordPress plugins that will turn around and bite you in the, er, knee. So, don’t install every plugin under the sun. And be sure to update the ones you do install.
All these steps are simple, which is to say efficient. Fight hackers’ efficiency with your own—like the smart businessperson you are.
Speaking of smart, learn more in “The Rise of Ransomware: Findings from the PhishMe Malware Year in Review.”