'Tis the season for data breaches, apparently. German software firm Ashampoo issued a warning this week
to inform users of a break-in. Hackers gained unauthorized access to servers containing names and email addresses of customers. The company didn't reveal precisely how many accounts are affected, saying only that "pieces of information" were taken.
On the bright side, Ashampoo said billing information such as credit card and banking details weren't compromised. Since we're only talking about names and email addresses, the primary concern is that those individuals will be targeted in malicious attacks. For example, attackers are posing as the UK retailer PurelyGadgets
to send fictitious order confirmations.
The emails reportedly contain an infected PDF attachment. Naturally, once you open the file, it uses a security vulnerability to load malicious code. Ashampoo didn't specify what software contains the vulnerability, nor is it clear what the infection does. Keeping safe should be pretty straightforward: don't open any suspicious attachments from unknown senders.
Ashampoo has linked a couple VirusTotal scans of two PDFs known to be in circulation (PDF1
). You can click those links to determine if your antivirus is capable of detecting the malware. PDF1 seems to be caught by most popular scanners, but PDF2 manages to slip by 33 out of 40 antiviruses, including those offered by AVG, Kaspersky, Microsoft, and Symantec.
Just last week, hackers gained low-level root access
to WordPress' servers and copied sensitive data. That followed only a couple weeks after hackers gathered millions of names and email addresses by breaching the servers of Epsilon
, an email marketing firm who represents major retail and financial companies including JPMorgan Chase, Best Buy and Target.