Too many Websites hacked, ransom demanded

Today is a very sunny day, but cloudy online. After the hack of the webpage of the  Ukranian ministry of Energy as shown in figure 1 below.

329f9cc2-82e8-4ff9-9bfd-b3a14d8089c9-original
Figure 1

http://www.mev.gov.ua was displaying this ransomware message before, but later the site was taken down now displaying that it is running an Apache HTTP server on a CentOS server as in the figure 2 below. Meaning the administrator took it offline.

apache
Figure 2

As an investigator, I decided to run a secure search with the terms ”ooops, your website have been encrypted ” using DuckDuckgo as a search engine, and all the sites hacked were indexed as show in figure 3 below.

website encrypted
Figure 3

Too many websites , victims as of today of the ransomware attack. All those live websites displaying the same  message, the attackers even included music this time. The clock showing the time left to pay the ransom.The currency accepted is Bitcoin because it wont be possible to know who received the money.

The only way to bypass this it to make sure that the vulnerability used by the software and third party applications have been patched.

Stay Secured.

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s