Monster.ie unaffected by data fraud


22 Aug 2007

Security firm Symantec has confirmed that the personal data of several hundred thousand users of job search site Monster.com has been compromised by a Trojan attack on confidential details.

However, an official spokesperson for Symantec in Ireland told SiliconRepublic.com that to Symantec’s knowledge the data attack had not affected either Monster.ie or Monster.co.uk, having only targeted the US division, Monster.com.

The attack involves a newly discovered Trojan called Infostealer.Monstres which is malicious software that hides inside a piece of legitimate-seeming software.

The Trojan creators were attempting to hack into the hiring.monster.com and recruiter.monster.com sub-domains only.

“The Trojan appears to be using the (probably stolen) credentials of a number of recruiters to login to the site and perform searches for resumes of candidates located in certain countries or working in certain fields,” said the official Symantec security blog.

The Trojan then has control of the data of Monster.com jobseekers, including names, addresses, email addresses and phone numbers.

Code from this Trojan is very similar to another one called Trojan.Gpcoder.E which is included in spam attacks and masquerading as an email from Monster.com, encourages users to download what appears to be a piece of Monster software.

This software would potentially sit on the users machine gathering information such as log-in and password details for sites like online banking.

Monster.ie, with over 230,000 CVs, and 290,000 visits a month, remains unaffected.

By Marie Boran