1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

CTB-Locker ransomware hits over 100 websites

Discussion in 'CSO' started by RSS, Feb 29, 2016.

  1. RSS

    RSS New Member Member

    A new malicious program that encrypts files on Web servers has affected at least 100 websites over the past few weeks, signaling a new trend in ransomware development.

    The program, which is written in PHP, is called CTB-Locker, a name also used by one of the most widespread ransomware programs for Windows computers. It's not clear though if there's a relationship between this new Web-based ransomware and the Windows version.

    Once installed on a Web server, the program replaces the site's index.php and creates a directory called Crypt that contains additional PHP files. It starts to encrypt all the files in the server's Web directory when it receives a specifically crafted request from an attacker.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page