Ransomware is a dangerous piece of malware that infects computers. CBT Locker Website, a spin on the infamous CBT Locker for desktops, is one of the latest versions of ransomware that enables an attacker to take WordPress sites hostage and charge a fee for their release.
What is CBT Locker and Ransomware?
Ransomware, which has only been popular for the past few years, is most effective when an attacker plans to make money from his/her victims. Ransomware encrypts all data and leaves the victim a message that important files won’t be decrypted until the victim pays a fee, which can run any where between $50 through thousands of dollars. If the victim waits too long, sometimes fee increases. Payments can be requested in bitcoins, and the malware will even help the user find a bitcoin provider. The scam has made attackers millions in ransom fees.
CBT Locker works in a similar fashion; the attacker just needs to get the victim to download malicious software, which can be easier than gaining access to a website.
Hacking a website involves accessing the file system to upload files. This can be done using phishing attacks or keyloggers. WordPress sites vulnerable to SQL injections can also give the attacker escalated privileges on the web server.
What Happens After a Website Is Hacked?
After the website is hacked, the attacker uploads a new index.php file. When you access a site, the default file that launches content for the main homepage is index.php. The attacker’s index.php file replaces the legitimate one; the next time it executes, data encryption is triggered.
The malicious code searches for numerous file types, usually those most likely to be important to people. Here are a few file types that ransomware, including CBT Locker, searches for:
Ransomware uses a two-key system: a public key is used to encrypt the data and a private key is used to decrypt it. Only the private key can decrypt data encrypted with the public key. When you pay the ransom, you pay for the private key.
An interesting part about the CBT Locker website version is the real-time chat system. If your files are decrypted, you can go to your site and use the chat system to talk to the attacker. The attacker will help you find a bitcoin provider and even provide you technical instructions on how to pay for the key.
WordPress sites Protected by InterShield
The attacker needs access to your site, so the only way to defend against this attack is to know common vulnerabilities within WordPress.
The most common way an attacker gains access to a site is from a malicious plugin. Even legitimate plugins could have some kind of vulnerability that gives an attacker control of the site. Install only trusted plugins with authors that keep up-to-date on the latest attacks and frequently update their software to patch any recent bugs. Never download random plugins from sites that promise cracked themes (also known as “nulled” themes).
Some legitimate plugins are shown to have vulnerabilities. Responsible plugin developers patch their software to stop the vulnerability and release the new update as soon as possible. You must update your plugins each time a patch is released to avoid having your site hacked.
Penetration testing is the process of having a “white hat” hacker run scripts against your site to find any common vulnerabilities. You can pay for testing or buy your own software that penetration tests your WordPress site. If any vulnerabilities are found in your plugins, you can either disable them and find replacements or alert the plugin author in the hopes that they will provide you with a fix.
SQL injection is a common attack on database vulnerabilities. Unless you understand SQL language and the way databases work, you won’t know how to find these vulnerabilities. A penetration test includes SQL injection vulnerabilities.
Not only should you always keep your software up-to-date, but also be aware of phishing scams when you read your emails. Never give out your login credentials for your web server to anyone.
Rest assured when you purchased our shared hosting that you are well protected from whatever malware that lurks around the corner. In the event your site does get hacked we are here to help you clean it up, which extended to every customer running on a managed wordpress plan. In addition, with InterShield we deploy a five prong defensive against vulnerabilities which include: web app firewall, file upload scanner, automatic scan of running scripts, outbound email protection, and malware detection.
We are extremely excited to announce a new virtualization platform that we are offering to customers for our VPS. This latest platform is called Virtuozzo 7 which is built on top of the RHEL7. Also known as OpenVZ 7, this virtualization platform is a huge leap forward for features regarding density, management tools, and recovery. Listed below are some of the benefits and features for OpenVZ 7.
As it is based on openvz, features like memory hotplugging (increase/decreate ram on the fly), CPUs, upgrade or downgrade disk space are still supported. Openvz unlike InterServer’s KVM system can shrink as well as increase resources on the fly.
Density really refers to how much efficiency is given from our servers. Using Virtuozzo 7 increases density allowing for us to take advantage of the hardware used in the server. Not only does this prove to be beneficial to our customers, but helps us maximize output from the server itself.
In terms of performance, Virtuozzo permits a higher uptime. As part of 99.99% uptime guarantee, we constantly seek to find solutions that will enable us to meet our customer’s expectations. The way this platform handles storage ensures minimal downtime.
This virtualization platform is be comparable to OpenVZ in the fact that you can still take backups from our control panel. We understand the importance of backups, therefore we made sure to use a platform that would allow our customers to perform this action from my.interserver.net making this feature easily accessible and of an overall great value.
Another important tool that is found in our control panel for VPS is VNC. This allows our customers to connect to either their Windows Desktop or Linux command line interface. Thus far, it was only available in our KVM platform. Now with the release of Virtuozzo 7 it will be provided with VNC as an option to access your server just as you would with a KVM VPS.
If you are looking for storage with speed we do offer Virtuozzo 7 with SSD. For each slice it will cost you an additional $3. We highly recommend this option if you require this level of speed to power your websites.
If you are interested in trying out this new virtualization platform head on over to interserver.net. We sell slices at affordable prices – $6 a slice for our Linux VPS. If you decide that this platform meets your needs you can always increase your resources by purchasing more slices. We even offer a free control panel called Breadbasket which will help you manage your VPS.
Posted at June 5, 2017 at 3:00 pm by Stacey Talieres
“I’ve been hacked”! How many times have we heard this line before? My guess would be way too many times. As we all become ever more interconnected thanks to the power of the World Web Wide, and along with it comes the dangers of malware. However, malware has always been a step above those trying to mitigate its power and consequences. According to an independent IT-Security Institute, AV-TEST claims that “over 390,000 new malicious programs are developed every day” Numbers like this make us here at InterServer quite concerned. Not many end-users are aware of the dangers that lurk around the corner or on their very own website. As a result, we have decided to develop a new five prong malware and prevention system which we call InterShield. These five prongs include:
We believe that this approach should quickly prevent malware from posing a major threat to not only us, but any of our customer using our shared hosting. Let us further explore what each of the five prongs exactly does and accomplishes.
Websites are constantly under threat from cross site scripts, SQL injections and various other threats. The two most common, cross site scripts and SQL injections can prove to be quite harmful. Cross-site scripting is a form of client-side code injection where the hacker executes scripts into a website or application. These forms of attacks specifically target one’s website because it will then affect those who visit the site. SQL injections are another form of code injection into websites. At which point the attacker uses SQL commands into data entry fields to impact database integrity. These hackers are trying to gain escalated access to website data and other forms of confidential information.
With Mod_Security enabled in our linux shared hosting servers these common attacks are prevented. We won’t get into the exact details on how it works, but there are expressions and rules that helps stop these attacks dead in their tracks. Mod_Security adds another layer of security for us since sometimes programming code leaves itself open to vulnerabilities
Another way malware can be spread onto servers is by uploading malicious files. Sometimes people can unknowingly upload files that contain viruses. This can spell disaster for anyone. However, this layer of the InterShield scans for malware from uploaded files. Malware usually contains a certain signature that can be detected. Our scanners are always updated regularly, so that the latest malware won’t be a problem for us.
Scripts can be very useful when running a website. However sometimes certain scripts that people use can be malicious. On our shared hosting servers we are constantly scanning to make sure that any current scripts running are non-malicious. This additional layer of protection and prevention allows you to rest assured that your website will never be compromised due to a bad script.
As part of our longstanding promise to our customers, guaranteed email delivery is always protected on our standard hosting. We make sure that we follow through on this promise by allowing the delivery of valid, non-spam, and non-bulk emails. Our technology allows to find compromised accounts quickly. This prevents an IP address from getting blacklisted, so that everyone else does not suffer because of one customer.
In an effort to protect our customers on our standard hosting account we maintain a large database full of malware scripts. Keeping track of their signatures allows for us to quickly target and remove any malware that poses a threat to us. Over 155k pieces of malware have been detected. If you are interested in learning more about this please follow this link:http://sigs.interserver.net/. As you can see our intrusion system is constantly catching malware signatures and updating them into this database.
There you have it. We hope that given the information provided that you will elect InterServer as your shared hosting provider. Our standard shared hosting comes with cPanel, Softacolous script installer, unlimited domains, email, bandwidth, and so much more. Before signing up with us, customers always ask what built in security features do we have. As you can see, InterServer’s InterShield provides multiple layers of protection against various levels of malware.
This past month, InterServer was a proud sponsor of DrupalCon 2017 in Baltimore, Maryland. This great city was host to an event that gave Drupal developers, web host, and government agencies from all across the country a chance to meet up sharing their knowledge and passion. Over the course of three days, we were graced by guest speakers all of whom had a wealth of knowledge, sessions, and social events. As a team we enjoy any opportunity where we can reach out and learn more about the community. Through this recent experience, we found out that Drupal developers are constantly looking for the following requirements from their hosting provider; cheap, extremely reliable, scalable, and of course, Drupal-friendly.
Just like last year in New Orleans we met fans and gained more awareness from those who may not have heard of us before. For those who had never heard of us it was a great chance to enlighten them on our services. For those that signed up with us at the event you are eligible for six months of free shared hosting. You will find that once you use our hosting that it is a perfect match for Drupal. All you have to do is use Softaculous in cPanel or Plesk. Simply find Drupal in softaculous and click install. Once deployed, develop away!
Here are some of our favorite highlights from the event:
Our shared hosting for Drupal is only $5 a month. With our shared hosting, we offer free 24/7 support via phone, tickets, and live chat. Just some quick facts about our shared hosting; it features unlimited domains, email, bandwidth, and storage. Shared hosting with us is fast, cheap, and user-friendly, so give us a try. We hope to see you at the next event.
Posted at April 20, 2017 at 7:00 pm by Stacey Talieres
When building a successful website, the standard of the images used is vitally important. Poor-quality photographs or graphics will not project a professional impression to most visitors, and your site’s performance will suffer because of it. Unfortunately, hiring the services of a graphic designer doesn’t come cheap, and if you’re on a limited budget, this clearly presents a problem.
Luckily, there exist many websites that offer archives of photographs, icons, buttons, and other graphics, many of which are free to download and use. Utilizing images from these sites has it’s drawbacks, but it does provide the following advantages.
You should spend some time searching for the right images. Some of them might require editing to suit your purpose, but this option is more affordable compared to hiring a graphic designer.
Almost any type of image you can think of will be available somewhere. You just need to take the time, and the patience to dredge through thousands of possibilities, many of which may be mediocre at best.
As you scour the web for ideas, you may stumble across your own inspiration. Coming up with a concept for a graphic designer will limit results to your initial criteria, depending on the creativity and independence of the designer. However, something you see in a free image repository may spark a whole new direction of thought for creating your website.
Most image repositories will set a minimum standard for entries they allow into their archives. While you may not be able to find a perfect fit in terms of content and style, the technical quality of the images will be at least acceptable.
However, there are significant drawbacks to bear in mind as well.
Despite the vast range of choices, chances are you’re unlikely to find a file that’s 100 percent true to what you had in mind. You may have to forfeit your original requirements, unless you want to spend hours upon hours sifting through archives in hopes of the perfect match.
By nature, free public image archives don’t grant exclusive usage rights for their images. This means there is a chance the graphics you use will already been included on another website. While this isn’t necessarily a problem, if you use popular images, it’s harder to establish uniqueness and awareness for your brand.
In some cases you can download groups of images that revolve around a theme. More often than not, you will probably have to take your graphics from several sources to cover all your needs. This makes visual consistency across your site difficult to achieve.
A lack of consistency can pose a problem should you expand your site in the future. It especially may be difficult to find a new graphic that matches your existing selections. Sourcing a new free image will be time consuming, with hit-and-miss results.
For a fully polished look and feel, a website will always benefit from the use of unique photography and graphic design. However, for those just starting out, or otherwise are on a tight budget, the limitations presented by royalty-free stock images are relatively minor and can be overcome. If you’re prepared to put in the time searching through archives, free graphics offer a cost-effective way of putting together a professional-looking site.