Tuesday, 10 November 2015

Linux Ransomware targeting Servers and Threatening Webmasters to Pay


Since past few years, Ransomware has emerged as one of the catastrophic malware programs that lets hacker encrypts all the contents of a victim's hard drive or/and server and demands ransom (typically to be paid in Bitcoin) in exchange for a key to decrypt it.

Until now cyber criminals were targeting computers, smartphones and tablets, but now it appears they are creating ransomware that makes the same impact but for Web Sites – specifically holding files, pages and images of the target website for Ransom.

Dubbed Linux.Encoder.1 by Russian antivirus firm Dr.Web, the new strain of ransomware targets Linux-powered websites and servers by encrypting MySQL, Apache, and home/root folders associated with the target site and asking for 1 Bitcoin (~ $300) to decrypt the files.

The ransomware threat is delivered to the target website through known vulnerabilities in website plugins or third-party software.

Once infected, the Linux.Encoder.1 malware encrypts all files in the Home directories on the system as well as Backup directories and the System Folders associated with Web site files, pages, images, code libraries and scripts.

Ransomware Uses AES Encryption

According to the security researchers, the ransomware in question needs root privileges to work. Additionally, when it launches, the malware starts downloading:

  • The Ransom Message containing the demands of fraudsters
  • A file containing the public RSA key


After that, the Ransomware starts as a daemon and deletes all of the original files. The RSA key is then used to store AES keys that are used by the ransomware to encrypt the local files on the infected computer.
The ransomware also adds the .encrypt extension to each file it encrypts and writes a ransom text message in every folder.

Targeting Linux-Powered Websites and Servers


The malware specifically encrypts files in folders that are typically found in Linux Web server setups, including directories like home, root, MySQL, Apache, and any directory that includes terms such as git, svn, webapp, www, public_html, or backup.

Moreover, the ransomware looks for files that have extensions specific to Web development environments including .js, .css, .properties, .xml, .ruby, .php, .html, .gz, and .asp, as well as other file extensions like .rar, .7z, .xls, .pdf, .doc, .avi, .mov, .png, and .jpg.

Once the victim pays the ransom amount, the system receives a signal to pass over the directories again to decrypt the files.

Until security researchers create a decryption program, they recommend webmasters to backup all important data and keep all their files in place in case they are targeted.


Want to know more visit : www.arinesolutions.com

Monday, 2 February 2015

Google’s Panda and Penguin Updates May Raise Site Values

SEO Targeting
We’ve all seen the many, many posts, articles, tweets, and rants about Google’s Panda and Penguin updates. It’s true that the basic intention of these updates (according to Google) was – and is – to improve the quality of the content that seems to proliferate exponentially on the Internet, thereby also improving the websites that host it, thereby improving search results.
Theoretically.
It seems to be working out that way, for the most part. But what I find interesting is that I’ve seen a ripple effect from Panda and Penguin extend into the website brokerage industry, and it’s been both a blessing and a curse.

Ranking is More Difficult – And so are Website Sales

Late last year, while at Rhodium Weekend, I spoke with a few other website brokers about what we’ve all been seeing in terms of volume. We all pretty much agreed that finding quality businesses to sell seems to be a bit harder this year than it was last year, or the year before.
But I’ve also noticed that although the quantity has dropped somewhat, the quality of sites coming up for sale has actually increased.
One reason for this may be that Google is effectively taking out low-quality sites. (Obvious statement of the year award, here I come!) The thing is, we often think about this in terms of Google trying to increase the quality of their SERPs, and what that means for how we position our websites.
It’s a bit of a tricky proposition, but what it could also mean is that while Panda and Penguin can be seen, in some instances, as destructive updates, Google could actually be making our businesses more valuable.

Short-Term Drops Lead to Long-Term Gains

When a market overvaluation is discovered, a subsequent result may be a stock market correction. The market declines 10 to 20 percent, people lose money, and then the market slowly rights itself, regaining what was lost, and then some.
A similar phenomena takes place quite often when a new Google algorithm update is announced. Some sites may drop a few spots in the SERPs, while others nearly drop off altogether. As time passes, and both the intentions and the true effects of the update come to light, the SERPs adjust, and many sites regain at least a bit of their footing.
I’ve seen the same thing happening with online businesses in the wake of Panda and Penguin.
The short-term effect of these updates has been to actually reduce the value of some businesses as buyers see online business as being risky (read: subject to the whims of Google). But upon closer inspection, I find that what Google has effectively eliminated from their SERPs are the “websites that make a quick buck” as opposed to the “online businesses.” A main difference is, online businesses typically have profiles that lend themselves to more stability, which is a positive feature for buyers.

Good Ol’ Supply and Demand

By eliminating thin content sites, Google has effectively reduced the supply of sites for sale. This, in turn, will put upward pressure on the higher-quality sites. Couple that with the fact that these updates are forcing website owners to turn their money-making websites into something that looks more like a business with a lower-risk profile, and the possible results are higher valuations. There’s no denying these updates hurt a lot of people, some of whom were collateral damage or simply following bad advice (that also just happened to be the wisdom of the day). But if you survived these updates, congratulations! Your site is now more valuable.

The Downside in Both SERPs and Sales

It’s true that a lot of the people who experienced negative effects of Panda and Penguin were cutting corners. But some of those people never knew those corners were being cut. They were just following the path of the original corner cutters – very loud SEO “experts” who preached some of these tactics, or if they didn’t preach them, they at least practiced them (which is more damning). I definitely think there is a need to be sympathetic to those who were victims of their own ignorance.
In addition, I’m not a fan of the total brand bias Google now seems to have. I think it makes it so difficult for a small startup to get traction without a huge budget. And while this can be good to keep the low-quality businesses and sites out, it’s also sad, as I’m sure many projects simply don’t make it because they have trouble gaining that initial traction against their larger, better-funded competitors.
Not only do those sites have more trouble ranking and competing, they have more trouble building their value to be sold later on, whether that’s an initial goal or not.

High Quality Can Mean a Higher Price

Google will continue to evolve and update its algorithms, and we’ll all just have to roll with the punches. But it’s possible to try to head off any issues by ensuring your site’s content is of high quality, and that your link building efforts are following best practices. Ride out the updates, stay competitive, and you may find yourself able to demand a higher price for your business.


Want to know more visit : www.arinesolutions.com