Ransomeware TeslaCrypt Virus: Don’t get it in the first place

plastic bug

TeslaCrypt Ransomeware malware bug makes you PAY— actual dollars!

“WHAT?!” you say.

“Yep,” I say.

Baddies get into your computer, lock everything up and demand actual CASH to let you get it back! 

Scuttlebutt is that most will unlock your content. The fee seems to be around $500. But I sure don’t want to test them. And no matter what, it’s a dirty dirty trick.

The bug seems to have cropped up February, 2015 and was passed by gamers who were forced to compromised websites.

At that time, Internet Explorer and Opera browsers were targeted.

[ed note: Make sure your browsers automatically update.

In IE, go to the gear for Settings. Choose “About Internet Explorer” and then click the box for automatic updates.

For Opera: On the menu line,  go to Settings > Preferences > Advanced > Security. In the “Auto-update” section at the bottom, from the drop-down list, click Automatically install updates. Then “OK”]

Also make sure your Adobe Flash Player, Adobe Reader and Microsoft Silverlight browser plugins are up-to-date, or disable them entirely.

Further explanation at ThreatPost.com describes the TeslaCrypt as

a potent collection of exploits for vulnerable Adobe products (Flash, Reader, Acrobat), Internet Explorer and Microsoft Silverlight, that has in the past … been dropping ransomware on infected computers
 …researchers said the attackers behind the current WordPress compromises—numbering in the hundreds—were exploiting an unidentified vulnerability with obfuscated JavaScript. The malicious code redirects traffic to a domain … where the users are presented an online ad that forces traffic to the site hosting [the actual virus.]

But further, Tom’s Guide says you can get this bug  from emails.
Advice  for avoiding it in the first place is basically the same as always:

Do not open unexpected email attachments
… even from friends!

Make your passwords strong

  • Eileen123 is NOT a strong password.
  • bigfatscissorsh0use! might be

See that? big fat scissors house!  (with a zero for an O)

Four random words — that you can actually spell without looking them up — makes for a very secure password.

Keep your website secure

You could be keeping your website up to date yourself.

  1. Make backups on a schedule that matches the regularity of your additions. If you post once a week, there is no reason to back your site up hourly!
  2. Update WordPress plugins and core when they’re available. Upgrade WordPress to the latest version, 4.4.2, in order to resolve a handful of bugs and vulnerabilities in the content management system.
    Wordfence plugin will alert you when changes are made or updates are available

If you’re not paying attention to these things, get help!

Contact me to talk about a website maintenance program .

PS:  Here’s a link to how some people have removed the problem.  I HAVE NOT TESTED THIS. SO I MAKE NO GUARANTEES ABOUT ITS VALUE OR DISVALUE (if that’s even a word)

 

Author: Kerch McConlogue

Harrisburg, PA: A WordPress front end web developer who speaks plain-English to nonGeeks

Leave a Reply

Your email address will not be published. Required fields are marked *