Threat Advisory: Ransomware Impacting WordPress sites
February 8, 2016
A large number of WordPress websites have been compromised and are delivering TeslaCrypt ransomware.
While it is not yet clear how these sites are being infected, it is suspected that there is a new vulnerability in WordPress or within a popular plug in.
If you run WordPress it is recommended you:
- Ensure you’ve patched your latest operating systems and 3rdparty applications
- Patch WordPress
- Update all WordPress plugins and instances at the same time
- Update your WordPress passwords and where possible, leverage the WordPress 2-factor authentication
- Back up your data regularly
- Regularly test your restore functions to ensure they are working properly
Herjavec Group will continue to monitor this vulnerability and notify our customers of appropriate developments and patches as they arise.