A strain of malware known as CTB Locker Ransomware encrypts WordPress sites and holds them hostage. From industry reports:
CTB Locker ransomware encrypts WordPress sites and holds them hostage
“A fresh strain of ransomware called CTB-Locker has popped up online, and it encrypts WordPress websites rather than users’ computers. So far more than 100 sites have been affected.
The ransomware, also known as Critroni, operates more or less in the same way as traditional ransomware when it encrypts a user’s files and demands fee in bitcoin to decrypt and return the data. In the case of CTB-Locker, which is a PHP program, it instead targets a website.
The culprit will usually hack a website that is poorly secured and replace its or files with different files that encrypt the site’s data with AES-256 encryption, and will also display a warning message on the homepage demanding money along with instructions on how to buy bitcoin.”
CTB Locker ransomware can’t hurt one of our hosted sites
Our Secure Lockdown makes index.php which is located in the root of a WordPress site non-writable. This makes it impossible for a virus to make any changes to it. Additionally some other PHP files are locked to make it impossible for a virus to make changes/damage any other PHP scripts used by a WordPress site.