Homepage tabWindows tabGames tabDrivers tabMac tabLinux tabScripts buttonMobile tabHandheld tabGadgets tabNews tab


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home / News / Security / Hacking News

Hacking News

Russian Hackers Turn to Recruitment Sites

Loads of money to be made from stealing such info

By George Craciun, Security News Editor

9th of July 2008, 12:29 GMT

Adjust text size:


Russian hackers steal data from your CV
Enlarge picture
It would seem that in order to make a few bucks the Russian hackers are not satisfied with the traditional means anymore and are turning to recruitment sites. A nice profit can be made by harvesting all that information and then selling it to interested parties on the black market.

The group of hackers responsible for this data harvesting is known as Phreak. Their Trojan is designed to scour the Internet, recruitment sites in particular, and gather as many CVs as possible. The list of sites that have fallen victim to the Russian attack is quite long and it includes the following: Monster.com, AOL Jobs, Ajcjobs.com, Careerbuilder.com, Careermag.com, Computerjobs.com, Hotjobs.com, Jobcontrolcenter.com, Jobvertise.com and Militaryhire.com. The CVs along with the data included in them was supposed to be kept private and used only for recruitment purposes.

"This is way beyond email harvesting tools. The utility is quite sophisticated and attempts to make sense of the data format found in CVs, extracting only useful information. Phreak is selling its services to people running higher-end [targeted] spear phishing attacks," says Jacques Erasmus, director of research at PrevX.

How does the loss of this data affect the user? Anyone with malicious intent, such as ID theft, phishing, or fraud can employ Phreak to steal your private data for as little as $600. The group also boasts about the fact that the data will be received customized to your needs by filtering the results.

This is not the first time that Monster.com is targeted by Trojans. In September last year the same thing happened and representatives from the company said preventive measures would be enforced. Sal Iannuzzi, chairman and CEO of Monster Worldwide commented at the time: "Protecting the job seekers who use our website is a top priority at Monster." The only difference is that this time more sites were targeted. Even though the program used is not malware but a harvesting engine, there are still methods of enforcing security such as CAPTCHAs.

Other Russian hackers have also made the news by initiating an attack on Lithuania.

TAGS:

 hacking | data leak | Russia
Read by 1,105 user(s) | Add comment | Link to this article TWEET THIS


Article rating:
Good (3.0/5) 1 vote(s)    

Subscribe to news | Print article | Send to friend

© Copyright 2001-2009 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


DNS Flaw Finally Fixed

ICANN Speaks Out Regarding Recent Hacker Attack

NXP Sues Oyster Card Hackers

UK Hacker Gets 9 Years for Bank Fraud

Sony Is Busy: Firmware to Brick PS3, Hacker Attack and Growing Sales

Successful Slovenian Hacker Attack at Nebraska University

SQL Injection Exploits Wimbledon Tennis Tournament Site

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 




Windows tabGames tabDrivers tabMac tabLinux tabScripts tabMobile tabHandheld tabGadgets tabNews tab

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2009 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive