sep
December 9th, 2005, 01:34
This morning I got a letter from Directi saying
Dear Directi Reseller,
This security warning is being issued to inform you about an ongoing security concern that you might face as a Directi Reseller. A few of our Resellers have reported cases where their Reseller accounts have been hacked. We have investigated this issue thouroughly over the last 2 weeks and discovered the following aspects:
* The hacker, in the reported cases, managed to get the exact password string for logging into the reseller accounts. The passwords are not stored in plain text ANYWHERE in our database or application. Yet we see in our logs that the hacker has typed the exact password of the reseller to obtain access into the reseller's account.
* One of the Resellers whose account was compromised gave us details which helped. Apparently a few days prior to being hacked he had received a malicious trojan file which he executed, which allowed the hacker to access his machine and log his keyboard activities.
* This email is being sent as an advisory note to all of you to not click on any suspicious files and delete any suspicious emails, MSN messages and other such messages which do not come from trustworthy sources.
* Ensure that all your staff is aware of this advisory too.
* If you or your staff HAVE clicked on any executable files, word documents or any such files, sent to you via email or Instant Messenger, in the last few weeks, then immediately format those machines where you have done so, and change your reseller password from a fresh machine.
* Since anyone can spoof the From Address of an email, we also want to inform you, explicitly, to NEVER run any files or software you may receive as an attachment, even if it is sent from a DIRECTI email address. We will NEVER send you any software. If we want you to install any software we will always send you a link to the same, which will always be a link to OUR website.
* When you receive emails from people you know and don't know that have attachments, avoid opening these attachments, especially if they end with a file extension like .exe, .doc, .com, .vbs, .shs, .pif and .scr. Reading the email itself is harmless, but NEVER open an executable attachment unless you requested the file.
* Don't accept attachments from strangers (and sometimes your friends) in online chat systems such as IRC, ICQ, AOL Instant Messenger, Yahoo Messenger, MSN Messenger, etc. and avoid downloading binary/executable files from public newsgroups/forums.
* The best means of protection against viruses and trojan horses, is to keep an updated antivirus software running on your computer.
* Keep your system updated by downloading the latest security patches for your desktop environment.
tsk tsk tsk.
Dear Directi Reseller,
This security warning is being issued to inform you about an ongoing security concern that you might face as a Directi Reseller. A few of our Resellers have reported cases where their Reseller accounts have been hacked. We have investigated this issue thouroughly over the last 2 weeks and discovered the following aspects:
* The hacker, in the reported cases, managed to get the exact password string for logging into the reseller accounts. The passwords are not stored in plain text ANYWHERE in our database or application. Yet we see in our logs that the hacker has typed the exact password of the reseller to obtain access into the reseller's account.
* One of the Resellers whose account was compromised gave us details which helped. Apparently a few days prior to being hacked he had received a malicious trojan file which he executed, which allowed the hacker to access his machine and log his keyboard activities.
* This email is being sent as an advisory note to all of you to not click on any suspicious files and delete any suspicious emails, MSN messages and other such messages which do not come from trustworthy sources.
* Ensure that all your staff is aware of this advisory too.
* If you or your staff HAVE clicked on any executable files, word documents or any such files, sent to you via email or Instant Messenger, in the last few weeks, then immediately format those machines where you have done so, and change your reseller password from a fresh machine.
* Since anyone can spoof the From Address of an email, we also want to inform you, explicitly, to NEVER run any files or software you may receive as an attachment, even if it is sent from a DIRECTI email address. We will NEVER send you any software. If we want you to install any software we will always send you a link to the same, which will always be a link to OUR website.
* When you receive emails from people you know and don't know that have attachments, avoid opening these attachments, especially if they end with a file extension like .exe, .doc, .com, .vbs, .shs, .pif and .scr. Reading the email itself is harmless, but NEVER open an executable attachment unless you requested the file.
* Don't accept attachments from strangers (and sometimes your friends) in online chat systems such as IRC, ICQ, AOL Instant Messenger, Yahoo Messenger, MSN Messenger, etc. and avoid downloading binary/executable files from public newsgroups/forums.
* The best means of protection against viruses and trojan horses, is to keep an updated antivirus software running on your computer.
* Keep your system updated by downloading the latest security patches for your desktop environment.
tsk tsk tsk.