Trojan Makes Off With Thousands of Identities

Dennis Faas's picture

Need a job? At some point, all of us will be in that very position. However, nobody will ever want their identity stolen, although that's just what's been happening on one of the web's most popular job posting sites.

InformationWeek recently reported the dirty doings of one particular advertising agency responsible for banners on the immensely popular and universal Uncovering the scam was security company SecureWorks, who discovered that one guilty party was responsible for thousands upon thousands of stolen identities. (Source:

How'd they do it?

The thieving group responsible, although unnamed at this time, unsurprisingly used a Trojan virus tactic in order to victimize job seekers. According to SecureWorks, the culprits used variances of the Prg Trojan, also referred to as Ntos, Tcp Trojan, Infostealer.Monstres, Banker.aam, and Zeus.

InformationWeek's primary source on the matter is Don Jackson, a researcher with SecureWorks. Jackson states that his company unearthed some twelve massive data caches, the largest containing an astronomical 46,000 stolen identities. Other, smaller caches included between four and six thousand victims, making for an estimated total of some 100,000. (Source:

The swindled information is dangerous, too. Most of the data includes bank and credit card details, log-ins and passwords, and even social security numbers. Such a treasure trove of information was possible simply by making it so that when a website visitor clicks on an ad, a Trojan is immediately installed upon his or her computer. From that point on, each bit of data entered into a browser can be captured and stored on the hacker's remote server.

The identity theft ring, which reportedly first began collecting names in early May, uses a number of software holes to reach its victims. Although vendors claim to have patched these gaping security wounds, the thieves used flaws in Internet Explorer, WinZip, and even Apple's QuickTime.

Although it seems as if the scam has been put to a halt, there's no word on whether or not those stolen financial details led to missing dollars.

Swindling job seekers? Sounds like kicking someone when they're down, no?

| Tags:
Rate this article: 
No votes yet