Threat Advisory: Ransomware Impacting WordPress sites

February 8, 2016

A large number of WordPress websites have been compromised and are delivering TeslaCrypt ransomware.

While it is not yet clear how these sites are being infected, it is suspected that there is a new vulnerability in WordPress or within a popular plug in.

The compromised sites were hacked and had an encrypted code added to the end of their legitimate JavaScript files. The malware then conceals itself while it tries to infect all accessible .js files, redirecting the end user through a series of sites before demanding the ransom.

If you run WordPress it is recommended you:

  1. Ensure you’ve patched your latest operating systems and 3rdparty applications
  2. Patch WordPress
  3. Update all WordPress plugins and instances at the same time
  4. Update your WordPress passwords and where possible, leverage the WordPress 2-factor authentication
  5. Back up your data regularly
  6. Regularly test your restore functions to ensure they are working properly

Herjavec Group will continue to monitor this vulnerability and notify our customers of appropriate developments and patches as they arise. 

Stay Informed 

  rhsm-3  Follow us on Twitter

  rhsm-2  Connect with us on LinkedIn

*By selecting one of the communications above, you consent to Herjavec Group
sending commercial electronic messages to you for marketing purposes, including information about the products, services and events selected.

About Herjavec Group

Dynamic entrepreneur Robert Herjavec founded Herjavec Group in 2003 to provide cybersecurity products and services to enterprise organizations. We have been recognized as one of the world’s most innovative cybersecurity operations leaders, and excel in complex, multi-technology environments. Our service expertise includes Advisory Services, Technology Architecture & Implementation, Identity Services, Managed Security Services, Threat Management and Incident Response. Herjavec Group has offices and Security Operations Centers across the United States, United Kingdom and Canada.

Stay Informed

Follow us on Twitter

Connect with us on LinkedIn