Ransomware, a type of malware that holds your computer hostage until you pay a certain amount of money, seems to be getting more popular since it sprouted up in large-scale form in 2013. Not only can you have ransomware on your machine, but others connected or connnecting to your site are vulnerable.
The website of Maisto International, a toymaker that primarily sells model vehicles and remote control vehicles, is playing host to some ransomware, Malwarebytes wrote Thursday. On the maisto.com homepage, malicious files can download themselves onto visitors’ computers via something called Angler.
Angler is a type of exploit toolkit that installs malicious files on your computer. In this case, the Angler kit is infecting computers with CryptXXX, a ransomware that encrypts users’ files, offering to unlock them for a fee.
According to Malwarebytes Senior Security Researcher Jérôme Segura, there is a tool that infected users can download to remove the ransomware without paying the ransom.
The Angler toolkit exploits outdated plugins like Java, Flash Player or Silverlight to install files on computers, so making sure your plugins are either up to date or disabled should keep you safe from this particular ransomware. Exploits like this one is why browsers have been disabling plugins, leading to the end of Java and other similar services.
Maisto International became a host to this malware because it’s using an outdated content management system, which allowed hackers to plant their malicious software right on the website, Segura told Mashable.
“Sites running outdated versions of CMS [content management systems] such as WordPress or Joomla are vulnerable to automated or targeted hacks,” Segura said. “Just like with Windows computers, hackers can exploit a flaw to gain access to the site and upload malicious code or perform other nefarious tasks.”
Malwarebytes reached out to Maisto International about the malicious software on its website, and the website is now in maintenance mode.
Have something to add to this story? Share it in the comments.