You can not trust anyone: the site of a popular toy manufacturer infected visitors' PCs with a cryptographer

    image

    Recently, the site of Maisto International, a manufacturer of popular toys with radio control, was hacked . The site itself was not needed to attackers, no data was stolen. The purpose of hacking is to place on the main page an exploit attacking a visitor's PC and loading a cryptoger into a vulnerable computer ...

    Malicious software spread using vulnerabilities in outdated versions of Adobe Flash, Oracle Java, Silverlight, and Internet Explorer. The ransomware itself that the attackers distributed is called CryptXXX. Fortunately for the victims, this is not the most dangerous cryptographer, the company Kaspersky Lab has released an "antidote", you can find it here . As it turned out, it was possible to implement a cryptographer on the site thanks to the outdated version of Joomla.

    Already knowing that the company's site had been hacked, information security specialist Jerome Segura decided to look for the way in which the hacking was carried out. He discovered that indeed, an outdated version of CMS Joomla is being used. This was understood by another tool , Sucuri.

    Last month, a similar attack was carried out on sites with Microsoft's IIS Web server. Only then were CryptoWall or TeslaCrypt cryptographers used.

    Earlier, information appeared on the Web that many well-known sites are infected, and they spread the Angler exploit, which already downloads the cryptographer to the victim's PC that visited the site. This kind of attack confirms the opinion of information security experts that even well-known and popular sites that users trust are not completely secure.

    Most of the users underestimate the importance of updating system programs, including OS, browser, etc. They also underestimate the importance of updating CMS website owners who either forget to update or do not do it for a number of other reasons (lack of specialists, time, fear of spoiling something, etc.).

    Also popular now: