Ashampoo Hacked, Watch Out For Fake Customer Emails

Martin Brinkmann
Apr 22, 2011
Updated • Feb 24, 2014

Popular software developer Ashampoo is currently emailing their customers about a recently discovered successful hack on one of their servers. The break-in had been discovered by Ashampoo, and the company interrupted it and closed the security gap that the hackers used to gain access.

Unfortunately though, customer address data and email addresses were stolen by the hackers. Billing information, like credit card numbers or banking information have not been stolen according to Ashampoo who have put up a page with information about the issue on their official website.

Here is the official Ashampoo email:

Dear Ashampoo customer,

We are writing to you concerning an important issue. We regret to tell you that we also detected an unauthorized access to one of our server systems. We assume that the attackers were able to purloin data of customers. Sensitive data such as billing information etc. is not affected by this, because Ashampoo does not store this data.

We summarized all pieces of information concerning this incident for you and would like you to read the following website:

Yours sincerely,

The Ashampoo-Team

Emails are currently send out by hackers to Ashampoo customers that contain attached pdf documents. These pdf documents use a recently discovered security vulnerability in Adobe Flash to load malicious code on the system as soon as the pdf is opened on an unprotected system.

Ashampoo asks users to keep those emails unopened to avoid executing malicious code on the user system.

Hackers often follow the pattern that they make people insecure e.g. with a confirmation of an order whose attachment is then opened or rather executed. Generally it is always important that you stay suspicious of unknown senders and that you do not respond to requests that tell you to open attachments.

If you for example receive a confirmation of an order from PurelyGadgets or another company without having made an appropriate purchase there, please do not open the attachment and delete the e-mail immediately.

It is not clear which security issue is being exploited by the hackers. It is however likely that it is a recent vulnerability in Adobe Flash which has been patched by Adobe. An Adobe Reader and Acrobat update was released yesterday that addresses the vulnerability. Users who have not installed the patches yet should do so to protect their system from the exploit.

Ashampoo has scanned several pdfs that the hackers have send out at Virustotal; The result was that half of the applications detect the malicious code.

To sum it up: Do not open emails that are related to or appear to be from Ashampoo if those contain an attached pdf document. If you have to open it download it to the computer first and open it in an online pdf viewer such as Google Docs. That way you stay safe and the malicious code cannot execute. (thanks Danny for the tip).


Previous Post: «
Next Post: «


  1. Dan said on April 22, 2011 at 3:17 pm


    Hahaha! Ain’t that the gospel truth! I look forward to less Ashampoo spam and more v1agra scams. :p

    At the least they should give us 90% discounts for their stupidity.

  2. alan said on April 22, 2011 at 8:56 am

    Those who ware subscribed to ashampoo know that things can’t be much worse now..:-)

    1. David Macdonald Ajang said on April 22, 2011 at 12:06 pm

      Yes. I’m one of the subscribers sadly.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.