back to article Monster Trojan monsters job seekers' records

Monster.com suffered a major data breach at the weekend, with a Trojan horse stealing more than 1.6 million records from the job search site's database. Symantec's Security Response blog reports the Trojan, called Infostealer.Monstres, can steal sensitive information from Monster.com by using employer accounts which have …

COMMENTS

This topic is closed for new posts.
  1. Steve

    Infostealer.Monstres ?

    Whoever has the job of naming these things should really get out more.

  2. Will Blake

    Same as RansomWare?

    Probably used "Spearphish" emails, as shown in the recent (July 19th 07) RansomWare disclosure e.g. http://www.prevx.com/blog/52/Connecting-the-dots-on-the-ransomware-case.html

    Obviously Monster.Com either did not pay the ransom, or more likely they did pay, but the blackmailers took the $$$ and the 1.6 million job records as a bonus?

  3. Stu

    Bloody Brilliant

    Only a month after beginning my search for a new job, signing up to the top 10 recruitment sites and agencies online, and monster just *happens* to be one of them.

    Wonderful

    Now I feel safe in knowing that any one of those recruitment agencies who have all of my personal contact information are as air-tight as a wet paper towel.

    By the name of the malicious file, it sounds like it was purposely engineered to break monster.com. Thinking that way, it’s possibly not spam that was on the minds of these attackers, but maybe some competition that wants to cause some trouble in the job-seeking world.

  4. Simon Reed

    A bad day for them then

    "The Wall Street Journal says that Monster Worldwide has revealed that Chris Power, chief financial officer of global operations, resigned on Friday. The online recruitment company did not disclose the reason for Power's resignation in a filing with the US Securities and Exchange Commission. Prior to becoming finance chief of global operations, Power had been finance chief of the Monster division. Monster has been going through management upheaval in the wake of an options-backdating scandal."

  5. weffew

    Not a virus

    This functionality has been built into monster, and many other jobsites. Basically recruiters / employers can query the backend of the database directly.

    There's no need to write a virus to do this, just pose as a recruiter and monster will allow you to connect directly to the backend database.

    Office Angels have had a tool that does just this and they are happy to rent the tool out to anyone who can afford it....

    Jobseekers need to be more careful with their data.

  6. Fabrizio Marana

    And the scammers were pretty quick exploiting their data!

    I got a 419-style "Job offer" that made it through Gmail's SPAM filters on Sunday and I immediately reported it as a phishing e-mail... Now I know how it ended up in my inbox in the first place! :(

    I just wonder whether gmail's SPAM and malware filter is "community driven"... They have a couple of million humans reporting spam and phishing for them 24/7. Nice touch!

    On the other hand: I'll be anonymising my on-line CV's a bit more.

    F.

  7. Paul Hamlet

    could that explain all the failed replies?

    I logged on this morning after being off work ill to find both my main address and msn address flooded with failed responses and spam block messages.

    Both these address i used on monster and as such found my dream job (thank you monster).

    Coincidence?? probably. I just need to know how to stop them knowing i cant when im just being used as a reply address, grrr

  8. Paul Hamlet

    Continuation from prev response

    Ive checked some of the urls from the bounced back failure emails and would you beleive that out of the first 10 i checked, 4 of them seem to be recruitment agents?!?

  9. A. Merkin

    ROTM(tm)... It Begins....

    Surely it is the machines themselves that are searching resumes to identify potential human collaborators prior to a launching pre-emptive strike.

    Those lucky few skilled in Java, UML and heavy machine repair will be spared the cull to perform killbot programming and maintenance.

    I for one welcome our Metal Masters, and have enclosed my resume (CV) for their consideration:

    00101 01100 01001 0111 01001 01010 ...

  10. Anonymous Coward
    Anonymous Coward

    Experienced network administrator required for security Role..

    The successful applicant will have experince in Internet Security, database administration, WEb Application penetration testing...

    Start Date, Immediate.

    Position Permanent (Hopefully)

    Salary, Name your price, no really... We're desperate.

    Found on GoJobsite, Fish4 etc.. In fact, everywhere apart from Monster?

  11. Anonymous Coward
    Anonymous Coward

    Don't ever...

    ...put personal details on ANY website that you don't directly control. Trust no one. Even sites as big as Monster.com will come and go, ownership will change and privacy laws/policies modified. You reap what you sow.

    Anyway, most jobs are to be found via networking. Go and FIND the job yourself, physically.

    Good luck jobseekers!

  12. David Titelbaum

    Cellphone spam

    Since my SMS address is present on my signature block, which is part of my resume cover letter, this possibly explains the flood of cell phone SMS SPAM that I've been receiving for the past week or so.

This topic is closed for new posts.

Other stories you might like