Security firm Dr. Web has discovered a new strain of ransomeware that’s attacking Linux-based web servers, encrypting their contents and demanding a ransome from the site owners in exchange for the decryption keys.
That means your website/blog could be at serious risk if your web hosting company isn’t very diligent about protecting their servers from the latest security threats.
The exploit works by encrypting pretty much all of your site’s critical files, including the files located in the Home directory and the MySQL database that stores all of your blog’s posts, pages and other WordPress related data. It then places a file containing a ransome message inside every encrypted folder. As you can see, this is nasty stuff.
Most popular web hosts do a good job of guarding their equipment from new-found threats in a timely manner. In addition, many of them make regular backups of their servers to help mitigate the damage from any attacks that do manage to take down a server down.
That being said, some hosts are a bit slack when it comes to installing the latest security patches and scanning for malware. Even worse, a few hosts even store your backups on your own server, putting your precious backup files at risk right along with the server itself.
If your website/blog is important to you, I strongly recommend that you take matters into your own hands and make regular off-site backups of your website/blog using something like VaultPress or Backup Buddy.
If you’re interested in a recommendation, I personally use VaultPress to back up my WordPress blogs.
VaultPress works silently in the background, backing up your entire blog including your core WordPress installation, your themes, your plugins, and all of your posts and pages.
VaultPress stores your backups on their own servers. That makes your backup files immune from attacks on your web server and from attacks on your web hosting company at large. Therefore, if your web server and/or hosting company is attacked, your backups aren’t affected in any way. Restoring your blog from a VaultPress backup is literally as easy as clicking a button.
Backup Buddy is also very good if you don’t mind assuming a bit more responsibility when it comes to backing up and restoring your blog.
Bottom line: Linux systems are certainly not free from the dangers presented by hackers and malware, and right now hackers are deliberately attacking Linux-based web servers with ransomeware. If you value your website or blog, I strongly recommend that you initiate your own backup plan right now!
If you’re interested, you can read more about the specifics of this new exploit over at the Dr. Web website.