US Toy Maker Maisto's Website Pushes Ransomware (pcworld.com) 26
An anonymous reader shares a PCWorld article: Attackers are aggressively pushing a new file-encrypting ransomware program called CryptXXX by compromising websites, the latest victim being U.S. toy maker Maisto. Fortunately, there's a tool that can help users decrypt CryptXXX affected files for free. Security researchers from Malwarebytes reported Thursday that maisto.com was infected with malicious JavaScript that loaded the Angler exploit kit. This is a Web-based attack tool that installs malware on users' computers by exploiting vulnerabilities in their browser plug-ins. It also steals bitcoins from local wallets, a double hit to victims, because it then asks for the equivalent of $500 in bitcoins in order to decrypt their files. [...] Researchers from antivirus firm Kaspersky Lab recently updated their ransomware decryption toolto add support for CryptXXX affected files. The attack code exploits vulnerabilities in older versions of applications such as Flash, Java, Internet Explorer, and Silverlight. At this point, it isn't clear exactly how many users are affected.
Re: Ransomware criminals should be executed (Score:3)
Re: (Score:1)
I, too, am against capital punishment. I have absolutely nothing against corporal punishment though.
"Get his ass whipped with 20 lashes like that dude up in Singapore"
-- Ice Cube
Re: (Score:1)
Death is too quick and easy. I say we never let them use or even touch anything with a processor inside.
That means using a teller when going to the bank, having to use a bike or walk to go anywhere, not being able to use modern appliances, no cellphone, having to use a mechanical watch, not even be allowed to use a basic calculator, etc.
Re: (Score:3)
http://img10.deviantart.net/62... [deviantart.net]
Who's affected? (Score:2, Insightful)
So, only the stupid users then.
Re:Who's affected? (Score:5, Insightful)
So, only the stupid users then.
And your arrogance ^ my friend, is the root of the problem. If we in the IT community are so much smarter than end users, why was telnet, ftp, smtp, http, Microsoft Windows, IoT... all designed without even the most basic considerations for security? Shouldn't an information appliance be designed so that a child, grandmother, astronaut or household pet be able to "click on" or view anything without damaging the information appliance, leaking personal details, joining a botnet.
The scum and script kiddies who write the ransomware are not rocket scientists. They're simply vandalizing a cyber-society where front and back doors are left unlocked. If we built cities as we build software, the first woodpecker would destroy civilization.
Re: (Score:2)
It's not arrogance, it's knowledge. I do try to educate people around me about removing Flash, Adobe Reader, Silverlight and using another browser than Internet Explorer because they're insecure. But if they don't listen because "website XYZ requires it" then there's nothing more I can do about it.
Re: (Score:2)
I am sure your plumber, electrician, mechanic etc think the same of you.
Toy website, toy ransomware (Score:1)
"...the latest victim being U.S. toy maker Maisto"
"Fortunately, there's a tool that can help users decrypt CryptXXX affected files for free. "
For real ransomware that's not just a toy, go to a web site of a durable-goods manufacturer.
Clearly the victim's fault (Score:2)
What do people really expect, visiting such seedy and nefarious parts of the internet like the official website of a toy producer.
Website pushes Microsoft ransomware (Score:1)