Massive Data Hack At Monster.com

If you’ve got your resume posted at Monster.com and it contains a lot of personal details, you might want to worry right now.   The job site wasattacked and the personal details of hundreds of thousands of users were stolen, according to security firm Symantec.   How was it done? The hackers usedstolen log-in credentials to access the employers’ section of the site, then harvested names, addresses, phone numbers and e-mail addresses and other information, which were all uploaded to aremote server. They used a new Trojan called Infostealer.Monstres and stole more than 1.6 million records belonging to several hundred thousand people. The Trojan reportedly ran automated searchesfor resumes of candidates located in certain countries or working in certain fields.   That data is then used to send spam of phishing e-mails, and some have already been seen, containing plentyof personal information about the recipient.   “The attackers first gather e-mail address and other personal information from resumes posted to Monster.com withInfostealer.Monstres,” said Symantec security analyst Amado Hidalgo. “Next, they will try to infect the computers of those candidates by sending targeted Monster.com phishing mails whichinstall [Banker.c or Gpcoder.e].”   Banker.c is a Trojan that monitors the infected PC for log-ons to online banking accounts. It then records the username and password and transmits thedata back to hacker HQ. Gpcoder.e, though, is what’s known as ransomware, a Trojan that encrypts files on the hacked computer, then hold those files hostage until the user pays a fee tounlock the data.   The nasty part is how Gpcoder.e ends up on your computer. An e-mail, purportedy from Monster, asks you to download the Monster Job Seeker Tool. Such an item doesn’texist – but you’ve just loaded Gpcoder.e on your machine.