Monster.com suffered a major data breach at the weekend, with a Trojan horse stealing more than 1.6 million records from the job search site's database. Symantec's Security Response blog reports the Trojan, called Infostealer.Monstres, can steal sensitive information from Monster.com by using employer accounts which have …
Whoever has the job of naming these things should really get out more.
Same as RansomWare?
Probably used "Spearphish" emails, as shown in the recent (July 19th 07) RansomWare disclosure e.g. http://www.prevx.com/blog/52/Connecting-the-dots-on-the-ransomware-case.html
Obviously Monster.Com either did not pay the ransom, or more likely they did pay, but the blackmailers took the $$$ and the 1.6 million job records as a bonus?
Only a month after beginning my search for a new job, signing up to the top 10 recruitment sites and agencies online, and monster just *happens* to be one of them.
Now I feel safe in knowing that any one of those recruitment agencies who have all of my personal contact information are as air-tight as a wet paper towel.
By the name of the malicious file, it sounds like it was purposely engineered to break monster.com. Thinking that way, it’s possibly not spam that was on the minds of these attackers, but maybe some competition that wants to cause some trouble in the job-seeking world.
A bad day for them then
"The Wall Street Journal says that Monster Worldwide has revealed that Chris Power, chief financial officer of global operations, resigned on Friday. The online recruitment company did not disclose the reason for Power's resignation in a filing with the US Securities and Exchange Commission. Prior to becoming finance chief of global operations, Power had been finance chief of the Monster division. Monster has been going through management upheaval in the wake of an options-backdating scandal."
Not a virus
This functionality has been built into monster, and many other jobsites. Basically recruiters / employers can query the backend of the database directly.
There's no need to write a virus to do this, just pose as a recruiter and monster will allow you to connect directly to the backend database.
Office Angels have had a tool that does just this and they are happy to rent the tool out to anyone who can afford it....
Jobseekers need to be more careful with their data.
And the scammers were pretty quick exploiting their data!
I got a 419-style "Job offer" that made it through Gmail's SPAM filters on Sunday and I immediately reported it as a phishing e-mail... Now I know how it ended up in my inbox in the first place! :(
I just wonder whether gmail's SPAM and malware filter is "community driven"... They have a couple of million humans reporting spam and phishing for them 24/7. Nice touch!
On the other hand: I'll be anonymising my on-line CV's a bit more.
could that explain all the failed replies?
I logged on this morning after being off work ill to find both my main address and msn address flooded with failed responses and spam block messages.
Both these address i used on monster and as such found my dream job (thank you monster).
Coincidence?? probably. I just need to know how to stop them knowing i cant when im just being used as a reply address, grrr
Continuation from prev response
Ive checked some of the urls from the bounced back failure emails and would you beleive that out of the first 10 i checked, 4 of them seem to be recruitment agents?!?
ROTM(tm)... It Begins....
Surely it is the machines themselves that are searching resumes to identify potential human collaborators prior to a launching pre-emptive strike.
Those lucky few skilled in Java, UML and heavy machine repair will be spared the cull to perform killbot programming and maintenance.
I for one welcome our Metal Masters, and have enclosed my resume (CV) for their consideration:
00101 01100 01001 0111 01001 01010 ...
Experienced network administrator required for security Role..
The successful applicant will have experince in Internet Security, database administration, WEb Application penetration testing...
Start Date, Immediate.
Position Permanent (Hopefully)
Salary, Name your price, no really... We're desperate.
Found on GoJobsite, Fish4 etc.. In fact, everywhere apart from Monster?
...put personal details on ANY website that you don't directly control. Trust no one. Even sites as big as Monster.com will come and go, ownership will change and privacy laws/policies modified. You reap what you sow.
Anyway, most jobs are to be found via networking. Go and FIND the job yourself, physically.
Good luck jobseekers!
Since my SMS address is present on my signature block, which is part of my resume cover letter, this possibly explains the flood of cell phone SMS SPAM that I've been receiving for the past week or so.
- Very fabric of space-time RIPPED apart in latest Hubble pic
- Dell charges £16 TO INSTALL FIREFOX on PCs – Mozilla is miffed
- Video Hubble snaps SPACE CRUMBLE enigma 'roid
- CIA snoops snooped on Senate to spy spy torture report – report
- Updated Newsweek knocks on door of dad-of-six, tells him he invented Bitcoin