Has Your Site Been Taken Hostage Without You Knowing?

How often do you really check your site? Unless you have someone like BSG designing and running your site and its content, you have to do it yourself. Have To Do It! No, it is not that the site gets old, tired and dusty. It’s that it gets commandeered and your firm and reputation suffers for it.

Ransomware, is type of malware that holds your computer hostage until you pay a certain amount of money. Ransomware is escalating in popularity since it sprouted up in large-scale form in 2013.

The website of Maisto International, a toymaker that primarily sells model vehicles and remote control vehicles, is playing host to some ransomware, Malwarebytes wrote Thursday. On the maisto.com homepage, malicious files can download themselves onto visitors’ computers via something called Angler.

You may have also seen that Hackers demanded $3.4 million in Hollywood hospital data attack. This is everywhere and very pervasive. Do you have the technical prowess to correct these problems before you or your guests actually encounter them.

Angler is a type of exploit toolkit that installs malicious files on your computer. In this case, the Angler kit is infecting computers with CryptXXX, a ransomware that encrypts users’ files, offering to unlock them for a fee.

Malwarebytes got a computer infected with the CryptXXX ransomware, to check it out.

According to Malwarebytes Senior Security Researcher Jérôme Segura, there is a tool that infected users can download to remove the ransomware without paying the ransom.

The key is that the Angler toolkit exploits outdated plugins like Java, Flash Player or Silverlight to install files on computers. So, making sure your plugins are either up to date or disabled should keep you safe from this particular ransomware. Exploits like this one is why browsers have been disabling plugins, leading to the end of Java and other similar services.

Maisto International became a host to this malware because it’s using an outdated content management system, which allowed hackers to plant their malicious software right on the website, Segura told Mashable.

“Sites running outdated versions of CMS [content management systems] such as WordPress or Joomla are vulnerable to automated or targeted hacks,” Segura said. “Just like with Windows computers, hackers can exploit a flaw to gain access to the site and upload malicious code or perform other nefarious tasks.”

Malwarebytes reached out to Maisto International about the malicious software on its website, and the website is now in maintenance mode.

Just another reason to have BSG handling your technical needs. Contact us today.