Ashampoo Database Hacked – What You Need To Know

I could spend all day, every day, reporting on nothing more than the latest cyber criminal targeted intrusions into enterprise IT systems.  Two reports from my today’s Tech Net News column illustrate that we are barely scratching the surface of this significant, continuous, and rapidly expanding problem:

European Space Agency website and FTP servers hacked

Dramatic increase in cyber attacks on critical infrastructure

If you’re an everyday reader here, then you may recall that I regularly recommend that you take advantage of the German software developer Ashampoo’s, occasionally offered free application multipacks.

The downside (for some) is, you must register and provide an email address. Additional benefits can be gained by registering as an  Ashampoo member, which includes creating a password.

Unfortunately, Ashampoo has become a victim of a cyber criminal targeted intrusion aimed at their customer database. According to the company:

“Hackers gained access to one of our servers. We discovered the break-in and interrupted it instantly. The security gap through which the hackers gained access was closed immediately.

The stolen pieces of information are data of addresses such as name and e-mail address. Billing information (e.g. credit card information or banking information) is definitely not affected … it is not stored on our system.”

If you have taken advantage of Ashampoo’s offers, then it’s important that you exercise extreme caution with any future emails sent by the company and, any unsolicited email sent by any company, for that matter.

As well, if you have registered as an Ashampoo member, it’s important that you change your account password. Additionally, if you have used the same password elsewhere (you’d be surprised how often this occurs), it’s imperative that you change these passwords immediately.

My thanks to my buddy John B. (a great Scot!), for bringing this unfortunate incident to my attention this morning.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Google Redesigned – Dress Up Your Google Services

I’m a “skin man”. For example, I’m a big fan of the Firefox add-on Personas Plus, which brightens my dull, boring, “un-skinned” Firefox, with a choice of any one of 180,000 cool designs.

The selections are wide ranging – from bands (All American Rejects, No Doubt, Lady Gaga, Bob Marley, ….), to movies (Harry Potter, Fame, ….), favorite causes (Greenpeace, ….), and much, much more.

So, when regular reader TeX, tipped me off to one of his new finds, Google Redesigned, a Firefox add-on which changes the look and feel of Google services, I had to give it a try.

Supported services:

Gmail

Google Reader

Google Docs

Google Calendar

How It Works:

The extension loads a collection of independently maintained CSS files which are saved to your web browser’s cache. These CSS files then overwrite the default styling used by Google.

The following screen captures will give you a good idea of the “Before and After”. Click on a graphic to expand to original.

Gmail – un-skinned.

Gmail – skinned.

Google reader un-skinned.

Google reader skinned.

System requirements: Firefox 3.6 – 4.0. The theme also works with SeaMonkey 1.0 – 2.0a1, and Thunderbird 1.5 – 3.2a1pre.

According to the developer, a Chrome extension is in the works.

Download at: Mozilla

Following installation, a restart is required.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Malware Speaks! Please Listen

If malware could speak, what a tale his thoughts could tell.

If you could have a conversation with one, or more, of the scourges that infest the Internet, you might be surprised at what could be learned from such an imaginary conversation. It might go something like this:

I might be malware, but in most cases I’m pretty polite; I won’t infect your computer unless you invite me in. But I can count on lots of you doing just that.

Take my good buddy LOP, for example, he’s been away for awhile, but he recently came back from vacation and he’s now infecting unsuspecting computer users’ machines with renewed vigor. Since LOP is a shift changer, and is often incompletely recognized by many tools – particularly newer forms of the infection, he’s having a hell of a good time.

The people he works for (some might call them cybercrooks – well, actually everyone calls them cybercrooks), are experts at convincing you to install malicious code like LOP.

LOP is a pretty neat piece of malware (his employers are pretty smart fellows), since he’s been designed, amongst other things, to display ads from a range of advertisers through pop-up windows, banner ads and so on.

Oh, and he’ll automatically switch your Internet Explorer home page to his own search engine. One he particularly likes is http://www.mp3search.com. When searches are made with this engine, the results that you see will be advertising pages that LOP chooses to display.

(Sample misdirected search)

Here’s what WOT has to say about mp3search.com. Click on the graphic to expand the image.

Just in case you decide that LOP is no longer welcome on your computer (that happens all the time), he will connect, every so often, to a web page from which new malware files will be downloaded – making it much more difficult to delete all of the active malicious files on your system.

I should tell you that LOP is extremely hard to get rid of, and just in case you try, you’ll have to deal with over 200+ changes to your Registry Keys. And in case that’s not enough bad news, you should know that LOP will invite lots of his malware friends over, so that they can party on your system.

But LOP has even more tricks up his sleeve. He can  monitor your system’s processes, and can even play with your security applications making them ineffective.

Since he’s a sporty fellow, once he’s done that, he’ll launch a Keylogger to capture your key strokes and just for fun, he’ll go on to scan your email contact list so that he can bug your friends. Hmm, maybe they’ll soon to be your ex friends.

LOP is definitely a hard worker (which is why his employers like him so much), so in his spare time he’s going to look around your operating system for vulnerabilities. You see, he knows that most people, haven’t installed the latest operating system updates, nor have they updated their security applications, like their supposed to.

Even if they have taken care of updating their operating system, it’s almost certain that they haven’t updated installed productivity applications, and LOP knows just how vulnerable these applications can be.

So, think carefully before you offer LOP, or any of his malware friends, that invitation. Once invited in, LOP will settle in for a long, long visit.

Thanks for the chat, but I have to get going. There are lots of unaware Internet users’ waiting to invite me into their computers. I know that many Internet users’ are kind of “click crazy”; so why should LOP be the only one to have some fun!

Oh, by the way, unless you paid attention to what I said, I’ll probably drop by your machine soon. You have a good day now.

This is an edited and revised copy of an article originally posted here July 14, 2009.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Free DNS Jumper – Easily Change Your Default DNS Settings

Popular guest writer Rick Robinette, has a knack for finding great free applications – applications that make the Internet experience smoother, safer and more interesting. See what Rick has to say about his most recent find – DNS Jumper.

If you are a regular reader of the blog (What’s On My PC), you may have read the following articles about DNS (Domain Name System) and how changing your default DNS settings on your PC to a service such as OpenDNS or Google’s Public DNS can result in a faster (and safer) internet experience. For example I use the DNS settings that is provided by OpenDNS on all of my computers.

OpenDNS … Something to try…

Google’s Public DNS Resolution Service

The DNS protocol is an important part of the web’s infrastructure, serving as the Internet’s phone book: every time you visit a website, your computer performs a DNS lookup. Complex pages often require multiple DNS lookups before they start loading, so your computer may be performing hundreds of lookups a day. – Google Public DNS

When I composed those articles, I wondered how many people actually followed up and changed their DNS settings, for fear they would mess up their computers?

Today, I ran across a small software utility called DNS Jumper that you simply download, run, and mouse click a button to select which DNS service you would like to use.

This little utility does all the work for you. If you desire to return to your default DNS settings, you simply mouse click on DNS Default and your settings revert to the original settings. This utility is portable and makes for a nice addition to the tech toolbox.

Download at: Sordum

Note: A beta version (DNS Jumper v1.0.3), is also available. Keep in mind however, that a Beta version is not necessarily a stable release.

This is a guest post by Rick Robinette, who brings a background as a security/police officer professional, and as an information technology specialist to the Blogging world.

Why not pay a visit to Rick’s site at What’s On My PC. Like me, you’re sure to become a frequent visitor.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Webmail Phishing Attacks – The True Cost

MessageLabs points out in this timely report, the true cost of webmail phishing attacks, and the impact such attacks can have on the victims of this cyber-criminal activity.

Courtesy of MessageLabs:

In the wake of the news reports this week of the large-scale webmail phishing attacks, much of the coverage has surrounded the compromise of email accounts which, according to the numbers, affected a massive amount of webmail users.

However, what has been glossed over is the potential impact on the other aspects of the victims’ online lives. The bad guys likely now have more than just access to users’ email accounts, they have access to a host of other online services the victim uses.

“A user’s unique email address is often used to authenticate a number of web sites, including social networking sites and Instant Messaging on a public Instant Messaging (IM) network,” said Paul Wood, MessageLabs Intelligence Senior Analyst, Symantec. “If your email address has been compromised, not only should you change the password there, you should also change it on any other site that uses that email address as a log in ID.”

Once the bad guys have email account information and the will to take over a related social networking accounts, all they need to do is try the password reminder links from the login pages. They can then not only use your email to spam, they can also gain access to other personal information stored online.

Over the last year, MessageLabs Intelligence has tracked a number of phishing attacks using Instant Messaging whereby the bad guys collected real IM user account information and passwords and used them to send commercial messages to everyone on the user’s buddy list.

An invitation to view a funny video or embarrassing pictures by clicking on a link in an IM was the bait and the landing site would then ask the victim to log in with their IM user name and password. For public IM networks, the user name is often the same as the web-based email account.

Phishing isn’t the only way the bad guys can gain access to webmail accounts. MessageLabs Intelligence has been aware of an increase in the number of “brute-force” password breaking attempts, where dictionary attacks are used against online webmail accounts to break in, perhaps using POP3 or webmail to conduct the attacks.

Users with simple or weak passwords are the most vulnerable. On the website, an attacker will be asked to solve a CAPTCHA puzzle to prove they are a real person. CAPTCHAs can be easily bypassed using a variety of CAPTCHA-breaking tools.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Fix Disk Errors And More With Free Disk Heal

So you’ve finally managed to get rid of that nasty piece of malware that’s been causing you all sorts of grief – your anti-malware application has come to the rescue.

But now you’re left with another problem; a problem which can be equally as aggravating.

We’ve all heard the horror stories where the user was left to deal with the following problems after successfully removing an infection.

Drive inaccessibility

Task Manager inaccessibility

Folder Options inaccessibility

Registry Editor inaccessibility

Scary stuff to be sure, but you don’t have to be a Techno Geek to deal with these types of problems. Even though, for the casual or new user, a manual solution may be outside their technical abilities, there is a great newbie tool which offers a free solution.

Disk Heal is a free Windows NT, 2000, XP and Vista utility that may be able to restore the condition of your Hard Drive, or a USB Flash Drive, after it has been being infected by a virus.

Disk Heal is a great free tool that has a host of additional capabilities, including recovering hidden files and performing system tweaks, The simple interface makes it easy to access these additional functions, with with just one click.

Quick facts:

Fixes disk problems

Fixes task manager inaccessibility

Fixes folder options inaccessibility

Fixes registry editor inaccessibility

Recovers hidden files and folders

Changes the default icon of any drive, external, internal, or a partition

Security and system tweaks

As you’re building your toolbox of system utilities, this is a good application to add. None of us are immune to a virus infection, and at some point you’ll be glad you had this little tool ready to go.

System requirements: Windows NT, 2000, XP and Vista

Download at: Download.com

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

If Malware Could Speak – What a Tale it Would Tell!

If malware could speak, you could have an illuminating conversation with one, or more, of the scourges that infest the Internet.

You might be surprised at what could be learned from such an imaginary conversation. It might go something like this –

I might be malware, but in most cases I’m pretty polite; I won’t infect your computer unless you invite me in. But I can count on lots of you doing just that.

Take my good buddy LOP, for example, he’s been away for awhile, but he recently came back from vacation and he’s now infecting unsuspecting computer users’ machines with renewed vigor.

He will accept your invitation, to infect your system if, for example, you download and install either of two rogue Peer to Peer (P2P) applications currently making the rounds on the Internet. BitRoll-5.0.0.0, and Torrent101-4.5.0, are two programs that are used to exchange P2P files that he likes to piggyback on. There are many more than that of course.

The people he works for (some might call them cyber-crooks – well, actually everyone calls them cyber-crooks), are experts at using false/rogue applications to install malicious code like LOP.

LOP is a pretty neat piece of malware (his employers are pretty smart fellows), since he’s been designed, amongst other things, to display ads from a range of advertisers through pop-up windows, banner ads and so on.

Oh, and he’ll automatically switch your Internet Explorer home page to his own search engine. One he particularly likes is http://www.mp3search.com. When searches are made with this engine, the results that you see will be advertising pages that LOP chooses to display.

(Sample misdirected search)

Just in case you decide that LOP is no longer welcome on your computer (that happens all the time), he will connect, every so often, to a web page from which new malware files will be downloaded  making it much more difficult to delete all of the active malicious files on your system.

I should tell you that LOP is extremely hard to get rid of, and just in case you try,you’ll have to deal with over 200+ changes to your Registry Keys. And in case that’s not enough bad news, you should know that LOP will invite lots of his other malware friends over, so that they can party on your system.

But LOP has even more tricks up his sleeve. He can  monitor your system’s processes, and can even play with your security applications making them ineffective.

Since he’s a sporty fellow, once he’s done that, he’ll launch a keylogger to capture your key strokes and just for fun, he’ll go on to scan your email address book so that he can bug your friends. Hmm, maybe they’ll become your ex friends.

LOP is definitely a hard worker (which is why his employers like him so much), so in his spare time he’s going to look around your operating system for vulnerabilities. You see, he knows that like most people, you probably haven’t installed the latest operating system updates, nor have you updated your security applications, like you’re supposed to.

Even if you have taken care of these critical areas, it’s almost certain you haven’t updated your installed productivity applications, and LOP knows just how vulnerable these applications can be.

So think carefully before you offer LOP, or any of his malware friends, that invitation. Once invited in, LOP will settle in for a long, long visit.

Thanks for the chat, but I have to get going. There are lots of unaware Internet users’ waiting to invite me into their computers. I know that many Internet users’ are kind of “click crazy”; so why should LOP be the only one to have some fun!

Oh, by the way, unless you paid attention to what I said, I’ll probably drop by your machine soon.

You have a good day now.

Elsewhere on this Blog you can read “The Best Free Spyware, Virus, and Browser Protection”, an article on free anti-malware programs, including anti-virus software, and you can download those that suit your needs.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Repair Drives, Files, Folders with Free Disk Heal

While it’s true that most anti-malware applications will remove an executable malware file from your system, depending on the infection, it is not uncommon that it will be unable to reverse the damage already done.

In many cases the user will be left to deal with the following problems.

Drive inaccessibility

Task Manager inaccessibility

Folder Options inaccessibility

Registry Editor inaccessibility

It’s not necessary to be a Techno Geek to deal with these types of problems; there are a number of manual methods to resolve these issues. But for the casual or new computer user, the solution may be outside their technical abilities. Fortunately, there is a free solution that is new user friendly.

Disk Heal is a free Windows NT, 2000, XP and Vista utility that may be able to restore the condition of your Hard Drive, or a USB Flash Drive, after it has been being infected by a virus.

This free application is a very useful tool that has a host of additional capabilities, including recovering hidden files and performing system tweaks; all can be accessed with just one click.

Quick facts:

Fixes disk problems

Fixes task manager inaccessibility

Fixes folder options inaccessibility

Fixes registry editor inaccessibility

Recovers hidden files and folders

Changes the default icon of any drive, external, internal, or a partition

Security and system tweaks

As you’re building your toolbox of system utilities, this is a good application to add. None of us are immune to a virus infection, and at some point you’ll be glad you had this little tool ready to go.

Download at: Download.com

A Conversation with Adware – Secrets Revealed!

If you could have an imaginary conversation with LOP, just one of the millions of malware/adware strains currently circulating on the Internet, it might go something like this –

I might be adware, but I’m pretty polite; I won’t infect your computer unless you invite me in. But I can count on lots of you doing just that.

I’ll accept your invitation, to infect your system if, for example, you download and install either of two rogue Peer to Peer (P2P) applications currently making the rounds on the Internet. BitRoll-5.0.0.0, and Torrent101-4.5.0, are two programs that are used to exchange P2P files that I like to piggyback on.

Just so you know though, I’m pretty lazy so you won’t be able to actually download any files using these bogus applications.

My masters (some might call them cyber-crooks – actually, everyone calls them cyber-crooks), are experts at using false/rogue applications to install malicious code like me.

I’m a pretty neat piece of adware (my masters are pretty smart fellows), since I’ve been designed to display ads from a range of advertisers through pop-up windows, banner ads and so on. Oh, and I’ll automatically switch your Internet Explorer home page to my own search engine. One I particularly like is http://www.mp3search.com. When searches are made with this engine, the results that you get will be advertising pages that I choose to display.

(Sample misdirected search – click pic for larger)

Just in case you decide that I’m no longer welcome on your computer (that happens to me all the time), I’ll connect every so often to a web page from which I’ll download new files containing variants of myself which will make it difficult to delete all of my active malicious files on your system.

I should tell you that I’m extremely hard to get rid of, and just in case you try to get rid of me, I’ll make over 200+ changes to your Registry Keys. And in case that’s not enough to dissuade you from trying to kick me out, you should know that I have the ability to invite lots of my other adware friends over to party on your system.

I love to monitor your system’s processes, and I can even play with your security applications making them ineffective. Once I’ve done that, I can unleash my keylogger to capture your key strokes and just for fun, I might even scan your email address book so that I can bug your friends.

In my spare time I’m going to look around your operating system for vulnerabilities, because I’m pretty certain, that like many people, you haven’t installed the latest updates nor have you updated your security applications, like you’re supposed to.

Hey man, I’m here for a long, long visit, so think carefully before you offer me that invitation.

Have a good day now.

Elsewhere on this Blog you can read “The Best Free Spyware, Virus, and Browser Protection”, an article on free anti-malware programs, including anti-virus software, and you can download those that suit your needs.

I am LOP – I am Adware – I WILL Control Your Computer

I might be adware, but I’m pretty polite; I won’t infect your computer unless you invite me in. But I can count on lots of you doing just that.

I’ll accept your invitation, to infect your system, if you download and install either of two rogue Peer to Peer (P2P) applications currently making the rounds on the Internet. BitRoll-5.0.0.0, and Torrent101-4.5.0, are two programs that are used to exchange P2P files that I like to piggyback on.

Just so you know though, I’m pretty lazy so you won’t be able to actually download any files using these bogus applications.

My masters (some might call them cyber-crooks – actually, everyone calls them cyber-crooks), are experts at using false/rogue applications to install malicious code like me.

I’m a pretty neat piece of adware (my masters are pretty smart fellows), since I’ve been designed to display ads from a range of advertisers through pop-up windows, banners ads and so on. Oh, and I’ll automatically switch your Internet Explorer home page to my own search engine. One I particularly like is http://www.mp3search.com. When searches are made with this engine, the results that you get will be advertising pages that I choose to display.

Just in case you decide that I’m no longer welcome on your computer (that happens to me all the time), I’ll connect every so often to a web page from which I’ll download new files containing variants of myself which will make it difficult to delete all of my active malicious files on your system.

I should tell you that I’m extremely hard to get rid of, and just in case you try to get rid of me, I’ll make over 200+ changes to your Registry Keys. And in case that’s not enough to dissuade you from trying to kick me out, you should know that I have the ability to invite lots of my other adware friends over to party on your system.

I love to monitor your system’s processes, and I can even play with your security applications making them ineffective. Once I’ve done that, I can unleash my keylogger to capture your key strokes and just for fun, I might even scan your email address book so that I can bug your friends.

In my spare time I’m going to look around your operating system for vulnerabilities, because I’m pretty certain, that like many people, you haven’t installed the latest updates nor have you updated your security applications, like you’re supposed to.

Hey man, I’m here for a long, long visit, so think carefully before you offer me that invitation.

Have a good day now.

Elsewhere on this Blog you can read an article on free anti-malware programs, including anti-virus software, and you can download those that may suit your needs.