(Due to the broad range of victims of this, I found it to be worthy of warning for my fellow DP so they aren't globally phished or extorted.... If you don't use monster.com, dismiss this; if you do, read this in the entirety.)
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9031418
By Gregg Keizer
August 19, 2007
The 46,000 people reportedly infected by ads on job sites may be only a
fraction of the victims of an ambitious, multi-stage attack that's
stolen data belonging to several hundred thousand people who posted
resumes on Monster.com, a researcher said this weekend.
According to Symantec Corp. security analyst Amado Hidalgo, a new Trojan
horse called Infostealer.Monstres by Symantec (and Prg by SecureWorks)
has stolen more than 1.6 million records belonging to several hundred
thousand people from the job search service Monster.com. That data is
then used to target the Monster.com users with credible phishing mail
that plants more malware on their machines.
"We are investigating the reports related to this Trojan and will take
any necessary steps indicated by that investigation," Monster.com
spokesman Steve Sylven said Sunday in an e-mail.
The personal information filched from Monster.com includes names, e-mail
addresses, home address, phone numbers, and resume ID number, said
Hidalgo, who traced the data to a remote server used by the attackers to
store the stolen information. Infostealer.Monstres ripped off
Monster.com by using legitimate log-ons, likely stolen from recruiters
and human resource personnel who have access to the "Monster for
employers" areas of the site. Once inside, the Trojan ran automated
searches for resumes of candidates located in certain countries or
working in certain fields. The results were then uploaded to the
attackers' remote server.
"Such a large database of highly personal information is a spammer's
dream," said Hidalgo. In fact, that's exactly what the attackers are
using their newly-acquired data for.