Symantec discovers Monster hack

Online security firm Symantec says hackers have stolen information from hundreds of thousands of users of job site

Hackers have stolen the personal information, including home addresses and phone numbers, of several hundred thousand users of online job portal

According to online security firm Symantec Corp., hackers over the weekend used a Trojan Horse virus called Infostealer.Monstres to break into Monster accounts maintained by recruiters and steal their credentials. The hackers used that information to log into as prospective employers and gleaned personal details, including names, addresses and phone numbers, from individuals who had posted resumes to the site.

Many of those individuals were then targeted by a "phishing" scam, wherein they received spam e-mails that asked them to download a fraudulent job seeker tool from Monster. If the individual did so, their computer files were encrypted and held hostage by the hackers, who demanded payment to decrypt them.

Trojans are programs that appear to perform one function in order to hide a malicious one. Like the mythological Trojan horse such programs are named after, the deception tricks people into granting them access to a computer.

Phishing is a technique in which criminals try to trick people into disclosing sensitive information, such as online banking names and passwords, and is often conducted through e-mails.

Symantec said the hackers managed to steal more than 1.6 million entries belonging to hundreds of thousands of users, mostly in the United States. It is unknown how many Canadians may have been affected.

"We were very surprised that this low profile Trojan could have attacked so many people, so we decided to investigate how the data could have been obtained," wrote Amado Hidalgo, Symantec's security response manager, on the company's blog. "Such a large database of highly personal information is a spammer’s dream."

Symantec said it had informed Monster of the breach and urged users to limit how much contact information they post to such sites. The company also suggested using a disposable e-mail address and never disclosing sensitive details such as a social security, passport or driver's licence number.