Attention All Website Owners !!
Back-up your website immediately!!
There is a new hack risk where websites are becoming encrypted by hackers and the tell you that to get your website unlocked is to pay the ransom of 1 bit coin which equates to $420 USD
Here is an example of the ransom message that you will receive
personal files are encrypted
! Encryption was produced using a unique public key RSA-2048 generated for this computer.
To decrypt files you need to obtain the private key.
The single copy of the private key, which will allow to decrypt the files, located on a secret server at the Internet. After that, nobody and never will be able to restore files…
To obtain the private key and php script for this computer, which will automatically decrypt files, you need to pay 1 bitcoin(s) (~420 USD).
Without this key, you will never be able to get your original files back.
!!!!!!!!!!!!!!!!!!!!! PURSE FOR PAYMENT(ALSO AUTHORIZATION CODE): 1BVy42Z8UrtiKg9KThCz8i8icxqBMzPCVs !!!!!!!!!!!!!!!!!!!!!
INSTRUCTION FOR DECRYPT:
After you made payment, you should go to website https://z54n57pg2el6uze2.onion.to
Use purse for payment as ur authorization code (1BVy42Z8UrtiKg9KThCz8i8icxqBMzPCVs).
If you already did the payment, you will see decryption pack available for download,
inside decryption pack – key and script for decryption, so all what you need just upload and run that script ( for example: http://http://www.yourwebsite.com/decrypt.php )
Also, at this website you can communicate with our supports and we can help you if you have any troubles,
but hope you understand we will not answer at any messages if you not able to pay.
!!!P.S. Our system is fully automatic, after payment you will receive you’re decrypt pack IMMEDIATELY!!!
Q: How can I pay?
A: We are accept only bitcoins.
Q: Where to buy bitcoins?
A: We can’t help you to buy bitcoins, but you can check link below: https://en.bitcoin.it/wiki/Buying_Bitcoins_(the_newbie_version)
Q: I already bought bitcoins, where i should send it.
Q: What gonna happen after payment?
A: Download button for decryption pack will be available after you made payment
Q: I pay, but still can’t download decryption pack
A: You need to wait 3 confirmations for bitcoin transaction.
Q: How to use decryption pack?
A: Put all files from archive to your server and just run decrpyt.php (example: website.com/decrypt.php)
Q: Can I pay another currency?
Lets nip this unsavoury practice in the bud – back-up* your site and tell those hackers where to stick their bit coin request and threat about your personal files are encrypted.
Please circulate this message to anyone who might have a website and let’s get rid of this risk to our businesses
* Stay Safe And Ensure You Have Backups Stored On A Different Server
It is imperative you keep a backup of your website OFFSITE otherwise the hackers will just encrypt your backups too and hold them to ransom as well. Website owners assume that their hosting company will have done this (which is often a misplaced belief). If you would like some help backing up your site or would be interested in our firewall and site fix services remember OneHourSiteFix is here to help. Just drop us a chat or mail and we will happily help you with this task.
Helping Make The Internet A Safer Place To Do Business!
PROTECT MY SITE NOW!
Do not pay the ransom if you have received a demand saying
Your Personal files are encryptedWE CAN DECRYPT YOUR WEBSITE
Cyber criminals moving their ransomware focus to websites
In the past hackers have targeted computers, smartphones and tablets, but now business and personal websites are under fire. The cyber criminals have created ransomware that attacks website and very quickly encrypts and holds the whole site to ransom. The infection looks to encrypt any file on your server that enables your website to show for visitors. So all files, pages and images. If you have your website backups and database on the same server it also encrypts them to! So it is important that all your backups are stored on another server (your hosting company can arrange that for you) or even quickly stop reading this and download a copy to your own computer.
Named Linux.Encoder.1 by Russian antivirus firm Dr.Web, the new strain of ransomware targets websites on services running linux (which is very likely the type of server your hosting company is using – most hosting companies do) and uses RSA encryption to make your files unusable unless you have the key to unlock it all. The ransomware adds the .encrypt extension to each file it encrypts and writes a ransom text message in every folder.