Gameover computer Trojan takes hold of Monster.com accounts
- wikimedia commons
Job seekers who put their information onto websites like Jobsite.co.uk will be thinking twice before adding their CVs to any similar sites after news spread that Monster.com accounts are being targeted by a new version of the Gameover computer Trojan.
“A computer infected with Gameover ZeuS will inject a new ‘Sign In’ button [into the Monster.com sign-in page], but the page looks otherwise identical,” a representative from F-Secure told us.
Once the user has entered the authentication info into the rogue screen another page appears asking for sensitive information which has to be divulged through security questions that the screen says needs answering before users can progress to their account. These answers could be used if the real Monster.com site asks the hackers to verify the account user’s identity when they go back into the user’s page.
Targeting Monster.com is a new development for hackers but CareerBuilder.com has been under attack before. Aside from candidates, recruiters using these systems should also be wary, especially if their log on is attached to a spending budget or a bank account.
F-Secure’s researchers have suggested that further security precautions should be taken. “It wouldn’t be a bad idea for sites such as Monster to introduce two factor authentications beyond mere security questions.”
The Gameover Trojan programme has been around for a while now. In February it was announced by Malcovery Security that Gameover was being distributed as an encrypted .enc file which allowed it to bypass network defences. There hasn’t been any comment from Monster.com or from CareerBuilder.com but if you’re information’s on there you should be careful when logging in.