The well-known crypto ransomware CTB Locker is back. After a considerable slowdown in distribution, it is being pushed onto users again, and this time its executable has been signed with a stolen certificate.
But what is even more interesting is that there is a new variant of the malware, and this one targets websites instead of Windows workstations.
According to a security researcher that goes by the online handle Benkow, at least 102 websites have already been infected, and the infection campaign bates back to February 12.
CTB-Locker/Critroni Finds New Legs Targeting Websites