Tuesday December 2, 2008 4:50 AM AEST

SC Magazine Australia/NZ > News > Breaches & Exposures > Identity > Thousands of Monster.com user details stolen

Vulnerability Alerts

SANS

Microsoft

MS07-068 - Critical: Vulnerability in Windows Media File Format Could Allow Remote Code Execution (941569 and 944275) - Version:2.3
MS07-005: Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution (923723) - Version:2.0

CERT/CC

Latest Comments

"Concerned man's comments seem to intimate that if I'm using agents all will be well but the ..."

on Shavlik Technologies to broaden its patch management offerings

by Werner K | Nov 26, 2008 8:36 PM

"That will enhance Microsoft Office system, including SharePoint - good platform for enterprise ..."

on Companies have security to consider with in-the-cloud Office

by SGE | Nov 25, 2008 3:29 PM

"how many users allow per session? because the digital persona password manager allows only 10 ..."

on DigitalPersona Pro Workstation/Pro Server

by Daniel | Nov 25, 2008 12:14 AM

"security through obscurity...shows how detached HIPAA is from reality."

on Privacy breaches causing business instability

by priceOfFishInChina | Nov 20, 2008 1:19 PM

"I have been the recipient of Agent.JEN.Trojan through an email suggesting a UPS parcel (including..."

on Trojan disguised as UPS delivery note

by Vincent Laing | Nov 13, 2008 4:01 PM

Identity

Thousands of Monster.com user details stolen

Researchers at the security vendor detected the Trojan, called Infostealer.Monstres, which is accessing data from the online recruitment site.

According to an advisory on Symantec’s website, the Trojan spreads via email attachments and web pages exploiting browser and software vulnerabilities.

The malware uploaded the captured data to a remote web server, which contained over 1.6 million entries of personal information belonging to several hundred thousand people, mainly based in the US, the researchers said.

The hackers stole personal data including name, email address, home address, country of residence and telephone numbers, which were then uploaded to the server.

“Such a large database of highly personal information is a spammer’s dream,” Symantec said. “In fact, we found the Trojan can be instructed to send spam emails using a mail template from the server. The malware appears to be using the – probably stolen – credentials of a number of recruiters to login to the site and perform searches for resumes of candidates.”

The advisory reveals that the ntos.exe file used by Infostealer.Monstres is also employed by Trojan.Gpcoder.E, which has reportedly been used in phishing attacks against the US-based firm.

Symantec said that it has informed Monster.com of the security breach in order for the compromised accounts to be disabled.

Monster.com could not be reached for comment.

Ads by Google

Thoughts on this article? Add a comment below.

Be the first to comment on this article.

Report this comment as offensive:

* Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.

Name:

Email:

(will not be displayed)

Comment:

(HTML not permitted)

Validation

Enter the code you see below:

Most Read
Most Discussed
Latest News

Breaches & Exposures Whitepapers

Thousands of Monster.com user details stolen

Sponsored Links

SC MAGAZINE SITEMAP

CATEGORIES

News

Alerts

Products

Stats

Blogs

Photo Galleries

Whitepapers

Events

Jobs

Downloads

Vulnerabilities & Exploits

Breaches & Exposures

Messaging

Mobile

Access Control

Biometrics & Forensics

Legal

Risk Management

Job Centre

Patch Management