Monster.com hacked

August 25, 2007 at 9:05 am 1 comment

monster.comJob portal Monster.com has announced that confidential details of more than 1.3 million people, mainly Americans, were stolen by malicious hackers. Apparently, servers and hijacked home computers in the Ukraine were used to mount the attack. The thieves got away with names, addresses, phone numbers and e-mail addresses of Monster.com users. Details available on the BBC News site. Symantec, who informed monster.com of the attack on August 17, reveals how it was done. The rogue servers were shut down on August 21 according to monster.com. It is said that no financial information was stolen.

Entry filed under: Posts. Tags: .

The incompetence is amazing! For God’s sake!

1 Comment Add your own

  • 1. Vic  |  August 29, 2007 at 1:18 pm

    http://www.pcworld. com/printable/ article/id, 136387/printable .html

    “Monster’s resume database was looted, and the personal information taken was used to forge convincing messages that deposited password-stealing Trojans and ransomware on users’ PCs.”

    The ransom amounts are said to be as much as $300 per head, Apparently Symantec and Monster are at some odds to exactly what extent the mess has hit customers. While possibly no financial information was in fact stolen from Monster’s servers, the phishing (called spear phishing because it is so fiendishly targeted) could have many hundreds or thousands of people at risk from spyware and Trojans.

    “That, however, is the prime use of the stolen information, said Symantec’s Hidalgo, who traced connections between Infostealer. Monstres and at least two other Trojans. The first, Banker.c, watches for, steals, then transmits back to hacker HQ online banking log-in information for accounts at Bank of America and the German arm of Citibank. The second, Gpcoder.e, is “ransomware, ” a Trojan that encrypts files on the infected PC’s hard drive, then informs its owner that the files will be unusable until a fee is paid. In Gpcoder.e’s case, the ransom was $300.”

    “”I certainly would encourage others to protect themselves and delete their Monster accounts as well.” said a Chicago user identified as “Greg” in a comment on a Computerworld story that ran Thursday. “

    The implication? If you do not look after your security (and that of the information you gather as a part of your business), your business itself may be at risk.

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed


Past Posts

Twitter Updates


%d bloggers like this: