Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

monster.com hacked

November 20th 2007 in Uncategorized

Portions of Monster.com went black on Monday after attackers hijacked job listings hosted on the popular employment website and used them to spread malware to visitors, a security researcher said.

the site had been subject to an iFrame attack that was redirecting visitors to servers that hosted exploits from Neosploit, a nasty attack toolkit that competes with better-known packages such as MPack and Icepack.

Yes, the site is reported as being clean at the time the report went live, but here’s the problem.  We don’t know if those responsible for the Monster web site have been able to work out how the bad guys were able to get in and add malicious code to the web site.  If those responsible for the Monster site don’t know how it happened, and if they haven’t taken steps to ensure it doesn’t happen again, then, going on historical incidents, Monster could be hacked again very quickly.

Source: http://www.theregister.co.uk/2007/11/20/latest_monster_security_breach/

Comments are closed.

Spotted on their blog… Yeah, I saw the drop too, but subscribers always seem to drop away on weekends anyway, so I didn’t think that much of it.

Previous Entry

Yep, they know what’s going on… And, I’ve received an email response (via my blog’s Contact Me link, not in response to the email that I sent). In all fairness, I’ll show you the response that they sent – it’s only fair that they get the right of reply.  Please forgive the blocking […]

Next Entry