Maisto website
The ransomware message flashing on the Maisto website homepage Malwarebytes

American toy brand Maisto International, most popular for their remote-controlled toy vehicles, has allegedly been seeding ransomware through its website holding visitors' files hostage until they pay a hefty fee. Malicious files are being spread through the Angler exploit kit, a toolkit that sells exploits for Adobe Flash, Microsoft Silverlight and other widely used internet software , it is reported.

People who visit Maisto[.]com directly on the homepage with systems that haven't received the latest updates for older versions of applications such as Adobe Flash, Oracle Java, Silverlight, and Internet Explorer can be infected with this CryptXXX ransomware. This exploit kit tactic is similar to the malicious ad campaign that hit publishing websites including the BBC and NYT last month. The Angler exploit kit has incidentally grown to be one of the most popular tools designed by cyber criminals to be sold to conduct cyber- attacks.

Malwarebytes Senior Security Researcher Jerome Segura tells ArsTechnica that he detected the primary cause for the infection spreading to be an out-of-date version of the Joomla content management system, which is the specific route the attackers took to load the malicious payloads on the homepage.


If you have fallen prey to a similar ransomware or this one in particular, the researches at Kaspersky Lab have found a weakness in this exploit and devised a way to recover files without paying the extortion demand. To know in detail how to fend this attack, click here. In addition, users should have a backup system that stores files in a location that can't be accessed without a password.