Hackers Steal 1.6 Million Files From Monster.com

After the security breach, users receive e-mails asking for banking information.

By ABC News
August 22, 2007, 3:13 PM

Aug. 22, 2007 -- This weekend, hackers stole 1.6 million files from Monster.com, one of the country's most popular job-searching Web sites, according to a top security company.

Symantec, which produces well-respected anti-virus software that is used worldwide, detected the problem late last week, Patrick Martin, a senior product manager on Symantec's security response team, told ABCNEWS.com.

Thursday, the company found some malicious code.

"We saw that it was doing some interesting things with some information over in Eastern Europe," Martin said. After investigating more, Symantec found that the e-mail addresses and names all had one thing in common they were stolen from Monster.com.

The hackers' Trojan virus, which used real employer log-ons and passwords to access information, transferred the data from the site to a server in Eastern Europe.

"The attacks started soon after that," Martin said. "Whenever you see malicious code harvesting e-mail addresses, we know what's going to follow e-mails."

Almost immediately after Symantec detected the problem, Monster.com users whose e-mail addresses had ostensibly been stolen began receiving "phishing" e-mails. These e-mails, according to Martin, claimed to be prospective employers offering a work-from-home job. All that was needed, the e-mails claimed, was access to the user's bank account. The e-mails specifically reference Bank of America accounts as well as Monster.com and CareerBuilder.com, another popular job-search site.

"What they did was a slightly more sophisticated attack than we normally see. All of these e-mails have one thing in common people who have submitted resumes and are looking for a job," Martin said. "When the user looks at the e-mail some unknown e-mail that happens to know that they are looking, [they have a] sense of security [and they think,] 'Wow, this must be legitimate.'"

This is "a total money scam, a fraud scam, that's all this is," he said.

Robert Siciliano, a security expert and CEO of IDTheftSecurity.com, said, "I would certainly suggest that those who have done business with Monster need to monitor their credit immediately."

Siciliano suggested checking credit reports as well as investing in credit monitoring services, a paid service that keeps users informed of new activity.

Martin saw the threat to financial security as a serious one as well. He said he believes the hackers won't stop with these particular e-mails.