Because WordPress is the most popular content management system in the world, it is unfortunately also subject to more attacks by hackers. A new threat to WordPress sites, in the form of ransomware, has recently emerged.
WordFence provides this explanation of ransomware:
“Ransomware is malicious software that an attacker installs on your computer or on your server. They use an exploit to gain access to your system, and then the ransomware executes, usually automatically.
Ransomware encrypts all your files using strong unbreakable encryption. The attackers then ask you to pay them to decrypt your files. Usually payment is via bitcoin. Bitcoin gives the attackers a way to create an anonymous wallet into which the ransom can be paid.”
Until recently, most ransomware has targeted Windows computers. However, the Wordfence team is currently tracking a new kind of ransomware that targets WordPress websites.
This ransomware provides an attacker with the ability to encrypt your files, but it does not actually provide a working decryption mechanism.
If you are affected by this ransomware, do not pay the ransom, as it is unlikely the attacker will actually decrypt your files for you.
Hackers usually target a vulnerable plugin or theme on a WordPress site, which is why it’s extremely important to keep your plugins, themes and core WordPress files up to date.
Read the full article on the WordFence website: Ransomware Targeting WordPress – An Emerging Threat