Tuesday, August 21, 2007

Would You Like A Job With That Virus?

Cyber crooks are targeting a wave of new attacks at people searching for jobs online, security experts warn. Oddly enough, the criminals behind this scam appear to be just as interested in hiring you as they are in hijacking your PC.

Over the course of the past few weeks, virus writers have set their sights on users of job search giant Monster.com and at least one other jobs site with tainted online advertisements designed to install malicious software on the visitors' machines, according to SecureWorks, an Atlanta-based security and research firm.

SecureWorks says that since May, more than 40,000 people have had their personal information stolen -- including Social Security numbers, bank account data and job site credentials -- thanks to a Trojan horse program that was planted in several advertisements running on the jobs sites. Some of these ads required a visitor to actually click on them before the Trojan could do its dirty work, while in other cases the Trojan appeared to swing into action as soon as the page hosting the ad was served, researchers found.

SecureWorks researcher Don Jackson said the Trojan was developed using a toolkit sold in black market forums under the name "icepack." The toolkit is similar to the Mpack toolkit that surfaced earlier this year. It generates Trojans that probe for the absence of several software security updates holes that then permit the program to deliver its viral payload. Among the many weapons in its arsenal are exploits for recently patched security vulnerabilities in Apple's QuickTime and Microsoft's Windows Media Player. It also includes exploits for multiple Web browsers, including Internet Explorer, Firefox and Opera. ...

Read more ...
Brian Krebs on Computer Security
The Washington Post Company

No comments: