[privacy] Identity Attack Spreads: 1.6M Records Stolen From Monster.com

["Paul Ferguson" <fergdawg () netzero net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Via ComputerWorld.

[snip]

The 46,000 people reportedly infected by ads on job sites may be only a
fraction of the victims of an ambitious, multi-stage attack that's stolen
data belonging to several hundred thousand people who posted resumes on
Monster.com, a researcher said this weekend.

According to Symantec Corp. security analyst Amado Hidalgo, a new Trojan
horse called Infostealer.Monstres by Symantec (and Prg by SecureWorks) has
stolen more than 1.6 million records belonging to several hundred thousand
people from the job search service Monster.com. That data is then used to
target the Monster.com users with credible phishing mail that plants more
malware on their machines.

"We are investigating the reports related to this Trojan and will take any
necessary steps indicated by that investigation," Monster.com spokesman
Steve Sylven said Sunday in an e-mail.

The personal information filched from Monster.com includes names, e-mail
addresses, home address, phone numbers, and resume ID number, said Hidalgo,
who traced the data to a remote server used by the attackers to store the
stolen information.

[snip]

More:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&art
icleId=9031418

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.2 (Build 2014)

wj8DBQFGyTMxq1pz9mNUZTMRApWtAKDUAo6r3q4LomwUd4KKqX9zeWxf5wCg1Ee9
9Sb6VPCwymkMf7OgeAFe3hw=
=mZsq
-----END PGP SIGNATURE-----


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/

_______________________________________________
privacy mailing list
privacy () whitestar linuxbox org
http://www.whitestar.linuxbox.org/mailman/listinfo/privacy