Website Horror Story: Your Site Has Been Hacked and Is Being Held For Ransom
Hackers don’t care how big your website is, or how much money your company makes. If your site is vulnerable, someone will try to hack into it. You might be thinking that your mom and pop shop located in Small Town USA wouldn’t interest any hackers. I’m sorry to say, you are very wrong. If you have a business website, you absolutely need to have it maintained for security purposes, at all times.
A Small Company Gets Big Time Hacked
A local company we do PPC for had to find this out the hard way last year when they got locked out of their site and received the following ransom email (edited for privacy but not for grammar):
“Your personal files are encrypted! Encryption was produced using a unique public key RSA-XXX) generated for this computer.
To decrypt files you need to obtain the private key.
The single copy of the private key, which will allow to decrypt the files, located on a secret server at the Internet. After that, nobody and never will be able to restore files…
To obtain the private key and php script for this computer, which will automatically decrypt files, you need to pay 1 bitcoin(s) (~420 USD).
Without this key, you will never be able to get your original files back.
!!!!!!!!!!!!!!!!!!!!! PURSE FOR PAYMENT(ALSO AUTHORIZATION CODE): 1LK1oVLin6uh4Y6WELRISGI2458pdQro7 !!!!!!!!!!!!!!!!!!!!!
INSTRUCTION FOR DECRYPT:
After you made payment, you should go to website https://z547pg2el6uze2.onion.to
Use purse for payment as ur authorization code (1LK1oVLin6uhKA4ZZjmZWiRpdQro7).
If you already did the payment, you will see decryption pack available for download,
inside decryption pack – key and script for decryption, so all what you need just upload and run that script.
Also, at this website you can communicate with our supports and we can help you if you have any troubles,
but hope you understand we will not answer at any messages if you not able to pay.
!!!P.S. Our system is fully automatic, after payment you will receive you’re decrypt pack IMMEDIATELY!!!
Q: How can I pay? A: We are accept only bitcoins.
Q: Where to buy bitcoins? A: We can’t help you to buy bitcoins, but you can check link below: https://en.bitcoin.it/wiki/Buying_Bitcoins_(the_newbie_version)
Q: I already bought bitcoins, where i should send it. A: 1LK1oVLin6uh4YRKA4ZZjmZWiRpdQro7
Q: What gonna happen after payment? A: Download button for decryption pack will be available after you made payment
Q: I pay, but still can’t download decryption pack A: You need to wait 3 confirmations for bitcoin transaction.
Q: How to use decryption pack? A: Put all files from archive to your server and just run decrpyt.php (example: website.com/decrypt.php)
Q: Can I pay another currency? A: No.”
Don’t Be Next, Keep Your Stuff On Lock
These hackers lock you out of your site, take your files, and then hold you ransom for bitcoin money if you want your files back. Don’t let this be you. Just keep your website secure, change your passwords often, and never use unsecured networks.