Toymaker’s website pushes ransomware that holds visitors’ files hostage
Infecting site visitors with malware cannot be good for business. Their PR department must be going nuts over this one….
Dan Goodin reports:
The website belonging to Maisto International, a popular maker of remote-controlled toy vehicles, has been caught pushing ransomware that holds visitors’ files hostage until they pay a hefty fee.
Malicious files provided by the Angler exploit kit were hosted directly on the homepage of Maisto[.]com, according to antivirus provider Malwarebytes. The attack code exploits vulnerabilities in older versions of applications such as Adobe Flash, Oracle Java, Silverlight, and Internet Explorer. People who visit Maisto[.]com with machines that haven’t received the latest updates are surreptitiously infected with the CryptXXX ransomware. Fortunately for victims in this case, researchers from Kaspersky Lab recently uncovered a weakness in the app that allows users to recover their files without paying the extortion demand. People infected with ransomware in other drive-by attacks haven’t been so lucky.
Read more on Ars Technica.