Skip to main content

CTB-Locker ransomware encrypts WordPress sites and holds them hostage

hacking, computing
A fresh strain of ransomware called CTB-Locker has popped up online, and it encrypts WordPress websites rather than users’ computers. So far more than 100 sites have been affected.

The ransomware, also known as Critroni, operates more or less in the same way as traditional ransomware when it encrypts a user’s files and demands fee in bitcoin to decrypt and return the data. In the case of CTB-Locker, which is a PHP program, it instead targets a website.

The culprit will usually hack a website that is poorly secured and replace its index.php or index.html files with different files that encrypt the site’s data with AES-256 encryption, and will also display a warning message on the homepage demanding money along with instructions on how to buy bitcoin.

“Decryption key is stored on a secret Internet server and nobody can decrypt your files until you pay and obtain the decryption key,” says the message. It demands .4 bitcoin to return the website to working order.


This latest iteration of ransomware was discovered by BleepingComputer’s Lawrence Abrams. He found that the CTB-Locker even comes with a live chat function, so you can actually message the hacker about paying the ransom, and this version of the ransomware has been signed with stolen certificates.

Abrams points out in his report that, as per usual, the only way to restore your files other than paying up is to use a back-up.

It appears that there are about a hundred sites infected with CTB-Locker. A Pastebin document has been created that lists many of the sites that appear to have been compromised. No major, big name sites are included.

If you’re a website owner who is concerned about this, you should check to make sure that you’re using the latest version of WordPress. Most of the sites targeted so far were poorly managed and used outdated versions or had installed vulnerable plug-ins.

CTB-Locker looks like a pretty specialized experiment from the author and it may not be a massive threat in the near future. However, it is the latest mutation of ransomware. We’ve seen several cases of infections coming up over the last few weeks with businesses and organizations like hospitals and school districts getting infected and paying the ransom.

Editors' Recommendations

Jonathan Keane
Former Digital Trends Contributor
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
Will my Mac get macOS 14?
MacOS Sonoma.

MacOS 14 is coming and coming soon, and thanks to Apple's big keynote address at WWDC 2023, we now know what it can do, what it's called, and who can get it. The next generation Mac operating system is codenamed Sonoma, and it's bringing gaming to macOS in a big way, as well as improving video calls, and security. It's going to be available for most modern Mac and MacBook users, but there are some legacy systems that are unfortunately being left out in the cold.

Wondering if your Mac can get macOS 14? Here's everything we know about what Macs are and aren't compatible with Sonoma.

Read more
How to download macOS 14 Sonoma
MacOS Sonoma presented at WWDC 2023.

MacOS 14 Sonoma has a bunch of exciting new features, including game mode, desktop widgets, and a new presenter mode for video calls. Is your Mac ready for it? If so, you'll want to download it as soon as possible to take advantage of all the new features and security enhancements. Make sure you back up your most important information before you do, but once you're ready, here's how to download macOS 14.

Read more
You can make the Apple Vision Pro even more expensive with a luxury leather headband
BandWerk's Vision Pro headset in Orange.

A new Apple product means one thing: accessories. Despite the fact that Apple's Vision Pro headset isn't coming out until early next year, we're already seeing third-party accessories for tricking it out.

The first batch comes from iPhone case maker BandWerk, who announced five luxury leather headbands for the upcoming headset. As if the $3,500 base price of the Vision Pro wasn't enough, you'll need another $160 for one of BandWerk's headbands -- though, I suppose that's a minor cost considering how much the headset is on its own.

Read more