Job Search Site Monster Hacked; 1.6 Million User Records Stolen
A Trojan horse, with a descriptive name Infostealer.Monstres, was used to steal more than 1.6 million records from several hundred thousand people who posted resumes on Monster.com, Symantec has reported.
The personal details of hundreds of thousands of candidates, such as name, surname, email address, country, home address, work/mobile/home phone numbers and resume ID etc. were stolen and then uploaded to a remote server under the control of the attackers.
The trojan targeted hiring.monster.com and recruiter.monster.com subdomains; subdomains which belong to the “Monster for employers” only site, the section which is used by recruiters and human resources personnel to search for potential candidates, post jobs to Monster, et cetera. This site requires recruiters to log in to view information on candidates. Several recruiters information, probably stolen, was used to access the site and collect the information.
Such a large database of highly personal information is any spammer’s dream. Symantec found that the Trojan can be instructed to send spam email using a mail template downloadable from the command & control server. Source: Symantec
I would strongly advise you to remove your resume from Monster.com and even delete the account if possible, until the problem has been fully resolved. Also verify any emails supposedly from monster.com because you can expect lots of phishing attempts based on this data.
Filed under Computer Security, Headline News, Web, Web Services | 
| 
RSS 2.0 |
Trackback this Article
| 
Email this Article
You may also like to read |
Add to Technorati Favorites
August 23rd, 2007 at 11:20 am
hi there,
I have multiple resumes and accounts on monster. Since they have already stolen my info, I can’t do much by deleting my account ? How is deleting my account going to help ?
Thank you,
BR,
~A
August 23rd, 2007 at 1:05 pm
Let’s look at the value of deleting your account in each of the two possible scenario:
1. Your account details and personal information has been stolen
You will immediately recognize any phishing emails which pretends to be from monster.com as your account has already been deleted. So you are protected against phishing. The emails are bound to be realistic as they already have your details.
2. Your details weren’t stolen
Now you are safe from future compromise of your details. Secondly you too are protected from real-looking, after all they have your info, phishing emails which pretend to be from monster.com.
August 30th, 2007 at 8:09 pm
My info was stolen and I’m getting all kinds of bogus, personalized job offers! And if you find a way to delete ALL of your info from monster, please share, as I have yet found a way to completly delete mine. I trust very few websites with my personal information, and I thought a big company like Monster would put little more effort into protecting it’s customers.
Has anyone filed a class action lawsuit becasue of this?
September 2nd, 2007 at 8:53 am
Hi
As far as i know it was a bot based attack, the team involved had used a network of systems from ukrain & alot of users who were already infected as cutomized bots to collect information from the moster site as it was being hacked! the trojan infostealer had been transmitting the data via (XXXX)port to which these damn bots listened & data was written on to a common server!
When Symantec who manages their security had gotten hands on to the route they where very late.. the thiefs had alot of data already!
So those who have these information on monster please keep away from emails which has an hyper link or some kink of file downloads! the other kind of attacks they could do on you are simply not preventable as you dont have cure for the till date!!
Thanx
d3@dbr@1n
I thought i would change the world, but they wouldnt gimme the source code