News Blog

August 30, 2007 2:00 PM PDT

Monster defends delay in notifying users of data breach

by Robert Vamosi
  • 2 comments

Patrick Manzo, Monster Worldwide's vice president of compliance and fraud prevention, today said going forward, the company is notifying all users in its active job-seeker database that their information may be compromised.

This announcement comes one day after Monster's CEO Sal Iannuzzi admitted the theft of contact information for job seekers in Monster's database may have been much greater than the 1.3 million individuals reported earlier this month.

Monster said it learned of the proverbial break-in when it was notified by security vendor Symantec. And Monster said it wanted to launch its own investigation to verify the security breach before notifying those job seekers who had been affected, Manzo said. He added it would have been "irresponsible" for Monster to contact its job seekers without first verifying the information Symantec had provided.

In mid-August, the Infostealer.Monstres Trojan horse was used in e-mails to Monster.com subscribers; each e-mail pretended to be from a potential employer. According to Symantec, subject lines included "(a person's real name), Monster.com suggests You the new job for you" and "(realname), Monster.com have the new job for you." Offers included a $500 sign-on bonus and the ability to work from home, and the recruiter also promised a very small number of work hours.

The e-mail contained a link or attached file which, when executed, installed the Prg Trojan on the victim's computer. Thereafter, any personal information typed into the compromised computer was relayed to servers in Asia. As part of the job application, potential employees were asked to provide Social Security numbers and bank account information.

Prg uses a back-door proxy server listening for connections on port 6081. Port 6081 is not currently assigned for legitimate services, so if port 6081 is open on your computer, and there is traffic on that port, you may be infected. SecureWorks notes that some victims who used commercial antivirus protection to remove the Trojan would later revisit the infected job sites and were therefore at risk of being infected with another variant of the same Trojan.
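The port check described above can be run against saved `netstat -ano` output. The following is an added example, not code from the article, Symantec or SecureWorks; the sample output, addresses and PIDs are constructed, and the function names are hypothetical.

```python
import re

PRG_PROXY_PORT = 6081  # port the article attributes to the Prg back-door proxy

# Constructed sample of Windows `netstat -ano` output (not real capture data).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:6081           0.0.0.0:0              LISTENING       3140
  TCP    192.168.1.20:6081      203.0.113.45:51822     ESTABLISHED     3140
  TCP    192.168.1.20:49811     198.51.100.7:6081      ESTABLISHED     2208
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:6081           *:*                                    1776
"""

# Only TCP rows are parsed: the article describes a proxy listening for
# connections, and UDP 6081 is used today by Geneve overlay traffic.
ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+):(\d+)\s+(\w+)\s+(\d+)\s*$")

def find_port_activity(netstat_text, port=PRG_PROXY_PORT):
    """Return TCP rows whose local port matches: listeners and their sessions."""
    findings = []
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # headers, blank lines, UDP rows
        local_ip, local_port, remote_ip, remote_port, state, pid = m.groups()
        if int(local_port) != port:
            continue  # a client connection *to* a remote 6081 is not a local listener
        findings.append({
            "kind": "listener" if state == "LISTENING" else "traffic",
            "local": f"{local_ip}:{local_port}",
            "remote": f"{remote_ip}:{remote_port}",
            "pid": int(pid),
        })
    return findings

def summarize(findings):
    """Apply the article's two conditions: the port is open AND carries traffic."""
    is_open = any(f["kind"] == "listener" for f in findings)
    has_traffic = any(f["kind"] == "traffic" for f in findings)
    return {"open": is_open, "traffic": has_traffic,
            "investigate": is_open and has_traffic,
            "pids": sorted({f["pid"] for f in findings})}

if __name__ == "__main__":
    print(summarize(find_port_activity(SAMPLE_NETSTAT)))
```

The PID column identifies the process that owns the socket, which is the starting point for deciding whether the listener is legitimate software or something to remove.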

In mid-August, Don Jackson and Joe Stewart, two security researchers at SecureWorks, identified a server in Asia containing one of the largest caches of stolen data attributed to the Prg Trojan. The data on the server included bank and credit card information, Social Security numbers, online payment account user names and passwords.

Monster's Manzo stressed the information in the Monster Worldwide database is similar to that found on a business card--name, phone numbers, e-mail addresses--but no financial information or Social Security numbers.

Monster is beefing up its ability to monitor traffic on its Web site, tightening access controls and policies, and improving its privacy steps for job-seeker information, Manzo said. One such task it has undertaken is asking employers who use its site to rely on more complex passwords.

News.com's Dawn Kawamoto contributed to this blog.

August 23, 2007 7:38 AM PDT

Monster puts kibosh on rogue server

by Dawn Kawamoto
  • 3 comments

Malicious attackers beware, a Monster may be coming after you.

After malicious attackers pilfered job candidate information from its job seeker database, Monster located the attackers' rogue server and pulled the plug, the company announced Wednesday. But fallout from that episode remains.

The hooligans, who loaded a Trojan horse called Infostealer.Monstres on the company's resume database, got access to job candidates' names, addresses, phone numbers and e-mail addresses.

They weaseled their way in by gaining access to a legitimate log-in credential reserved for employers, via a computer that had been infected with the malicious software.

Now, Monster is assessing the extent of the damage. The company is investigating the number of job seekers who were affected and will be contacting them. Monster is also offering information on avoiding online scams, phishing and fraud during a job search.

June 1, 2007 2:47 PM PDT

Nessie video: Now we have a positive ID

by Harry Fuller
  • 1 comment

Experts may take years to examine and analyze the latest purported video of the Loch Ness Monster, henceforth known as "Nessie." But our crack analytic team, to wit CNET editor Lori Grunin, has identified the camcorder used to take that footage.

Lori took a look at the Scottish TV video of the cameraman and his sighting. After examining the video of the camcorder, she tells us it's an antique Sony DCR-TRV130E (an old Digital 8 model). At any rate, the camcorder is far more modern than the legends of Nessie, which go back more than 2,500 years. Now that's some analysis you won't see from the Nessie experts.

1934 hoax pic

Here you can read a Scottish Web site's detailed report on the "sighting." I found the video of Nessie easily enough, but a couple of purported research sites are now woefully out of date. This dedicated Nessie site has no mention of this week's world-shaking video, for example, and Wikipedia was apparently still doing some careful fact-checking on this latest Nessie report. There was no mention as of this writing.

One other fact about Nessie: She'll continue to be good for the tourist trade around Loch Ness. And this latest video certainly won't hurt.

Originally posted at Crave