Corporate Ransomware

Image credit: Blog Ransom Note Sitelock Blog

Last night we got another Reclaimer that was migrating over to us from Bluehost given their site was locked down at because their account reportedly had been hacked. I now understand all to well from the sysadmin side how an infected site can screw up a server. Our plan was to move the account and then do a full scan to quarantine any and all viruses and malware before pointing the DNS.  I ran the scan, and guess what, no viruses, no malware, nada. This person’s site was shutdown for an extended period by Bluehost and then referred to Sitelock because their account was reportedly infected.  Sitelock fixes the problem for a ransom of a fee, and they have to then pay for ongoing protection. It’s literally like the web hosting mob.

What’s more, the site was not infected. This is at least the third time we had a transfer request from a customer who had been referred to Sitelock by Bluehost that had no viruses we could find. How is this acceptable practice?  Is Bluehost cleaning the sites and then shutting down the customer accounts?  These people did not pay Sitelock so it wasn’t them. Something is rotten in Denmark, and I can’t help but think it boils down to one thing: fleecing your customers.  You can promise the world and charge pennies on the dollar because you know in the end you will be collecting those fees in other ways: backups, phony virus protection, etc. When it looks like a scam, and smells like a scam, chances are it is a scam. I just really don’t understand how Bluehost expects to remain relevant when their recent business development seems to be based around cannibalizing their existing clients. When you think about it, this is akin to corporate (a.k.a. legitimatized) ransomware, take down your client’s site, tell them it is infected, push them to make a deal with Sitelock, then sit back and collect your ongoing cut. Some folks have the wherewithal and time to export their stuff and get out, but for many, many others that is far too painful. They are effectively put between a rock and a hard place, like with many ransomware victims who don’t have backups, they are forced to fork out the money.