Maplesoft, a leading provider of high-performance software tools has reported a security breach of its administrative database. As reported on the company website, the hackers gained access to e-mail subscription data and company and institution names of customers, but the financial data remained secure. The security breach was conducted using a Trojan attack with the Zeus Trojan, where the perpetrators used the customer data to spread malware and asked customers to install a malicious “security patch” on behalf of the company. Those who fell in the trap got their systems infected with the Zeus Trojan.

The IT staff at Maplesoft discovered the security breach after some of Maplesoft’s customers received what appeared to be a spam email. The spam mails contained a link which directs users to a location with the domain maple-soft.com, and the attachment called Maple_Patch.zip which they are asked to extract using the password MapleSecuirityUpdate1707. Soon after that, the company posted the information on its website, warning users to avoid opening or responding to such mails.

“Maplesoft takes the security of our customers’ and contacts’ personal information very seriously. We are in the process of notifying all individuals whose information may have been compromised,” said Jim Cooper, CEO of Maplesoft. “We have locked down our systems to prevent further unauthorized access and we are reviewing our security practices and procedures to help ensure this does not happen again.”

Cybercriminals have become quite active (rather proactive) these days, and do not miss a single opportunity to leverage for their benefit. Be it the Maplesoft security breach that did not expose any critical information, or the massive breach of 400K Yahoo Voice accounts, hackers have their eyes on each and every corner of the internet. No matter if it is Trojan, malware, or their favorite SQL injection tool, they would do anything to grab what they want. So far in the past one week, over 1 million accounts have been compromised in one or other way and $350K were stolen by hackers. This included hacking of bitcoin bank, Phandroid’s Android Forums, Nvidia’s forums, and several others.