Hackers Hold Monster.com Users' Files Hostage

Makeuptalk.com forums

Help Support Makeuptalk.com forums:

This site may earn a commission from merchant affiliate links, including eBay, Amazon, and others.
Oct 22, 2003
Reaction score
Huntington Beach, CA
Hundreds of thousands of people, mostly in the U.S., have been exposed to the risk of file ransom after the Web site of the world's largest online recruiter was hacked.

Personal details stored on Monster.com, a Web site that lists job seekers and job opportunities, were taken after a raid by hackers who posed as employers to gain access to the site.

Having stolen the information, hackers e-mailed the victims claiming to have infected their computers with a virus and threatening to delete files unless demands for payment were met.

In all, more than 1.6 million entries in Monster's system — belonging to "several hundred thousand" members — were taken after the hackers logged in using the details of employers who routinely scour the site for prospective workers, according to the Silicon Valley security firm Symantec.

The information, which included first and last names, e-mail and home addresses and phone numbers, was then used to send "phishing" e-mails to members, apparently from Monster.com, encouraging them to download a tool known as "Monster Job Seeker."

The tool was in fact a malicious program known as a "Trojan," as in Trojan horse, which encrypted files on the victims' machines, making them inaccessible to the computer owner.

A message was left requesting that money be paid to the attackers before the files — which could include photos and other personal documents — would be decrypted.

Symantec, which first reported the breach, said that "such a large database of personal information" was "a spammer's dream."

"This remote server held over 1.6 million entries with personal information belonging to several hundred thousand candidates, mainly based in the U.S., who had posted their resumes to the Monster.com Web site," a posting on the Symantec blog said.

"We are investigating the reports related to this trojan and will take all necessary steps to mitigate the issue, including terminating any account used for illegitimate purposes," a statement from the company said.

Monster.com, based in New York, claims to the be the world's largest online jobs listing site, with 73 million resumes held globally.

It helps place candidates in a range of positions at blue-chip companies including HSBC, Bloomberg, Accenture and T-Mobile.


Wow, that sucks. I think I signed up for one when I was in 8th grade, I didn't even know what I was doing!

Originally Posted by Aprill849 /img/forum/go_quote.gif wow, that sucks I agree. Imagine getting a message like that after you've spent the whole day looking for a job. That's the pits.