Virus still not taken down, doing more damage

Aug 21, 2007 08:46 GMT

Yesterday, I wrote an article about the Prg trojan, a dangerous virus that steals data like no other while being impossible for anti-virus programs to stop because of its self-mutating code. Prg is still at large and continues to wreak havoc on job search sites.

I decided to write this "Part II" because I think this is a really severe case. And I really hate to say "I told you so," but this virus is really a problem, since more than 1.6 million records have now been stolen from Monster.com, as NetworkWorld informs us. Yesterday, only close to 50,000 people had their data phished, but now the number is enormous, and this only makes me think: how many more will have to suffer until all this stops? I have no idea how much the numbers will escalate by tomorrow, but it's bound to get even worse unless something is done.

Worst thing is, you can't take down all job sites, just in case, and I don't think that everyone would trade data security for possible loss of a job opportunity. The fastest end to this crisis could come if the police could get their hands on the hackers and then make them remove the viruses. Of course, anti-virus developers aren't idle either, but they don't have a solution at this moment. And they are not to blame, since this trojan is modifying its own code in order to avoid security programs.

But the data theft is only the beginning; the hackers are now doing something more. They are sending e-mails containing the receiver's own info (data stolen from Monster.com) in order to convince them that the message is no hoax, and then instructing them to download a certain program, as has been disclosed on NetworkWorld. The software you will download, called "Monster Job Seeker Tool", is infected with Gpcoder, which is a cryptotrojan: a type of virus that encrypts data on your PC and then asks for money to decrypt it. This does make things worse, but it may lead to catching the criminals behind all this.

Users should be more cautious, get security software on their machines, and be careful what they download in order to avoid cyber-extortion.