Author Topic: All ur resumes r belong to us...  (Read 1973 times)

Offline W1nTry

  • Administrator
  • Akatsuki
  • *****
  • Posts: 11329
  • Country: tt
  • Chakra 109
  • Referrals: 3
    • View Profile
  • CPU: Intel Core i7 3770
  • GPU: Gigabyte GTX 1070
  • RAM: 2x8GB HyperX DDR3 2166MHz
  • Broadband: FLOW
  • Steam: W1nTry
  • XBL: W1nTry
All ur resumes r belong to us...
« on: November 21, 2007, 09:33:24 AM »
So... find a job on Monster.com lately?
Quote
Hackers jack Monster.com, infect job hunters
Monster.com compromised by an IFrame attack

By Gregg Keizer, Computerworld, 11/20/07

Monster.com took a portion of its Web site offline Monday as researchers reported that it had been compromised by an IFrame attack and was being used to infect visitors with a multi-exploit attack kit.

According to Internet records, the Russian Business Network (RBN) hacker network may be involved.
Read the latest WhitePaper - SMB Guide to Backup Best Practices

Parts of the Monster Company Boulevard, which lets job hunters search for positions by company, were unavailable Monday; by evening, the entire section was dark. Most major American companies are represented on the site -- Google Inc.'s cache of the page that shows only those firms that begin with the letter B, for example, included Banana Republic, Bank of America, Black & Decker, Boeing, Broadcom and Budget Car Rental.

Job seekers who used Monster's by-company directory on Monday before the site was yanked were pounced on by Neosploit, an attack tool kit similar to the better-known Mpack, said Roger Thompson, chief technology officer at Exploit Prevention Labs Inc.

"A typical infective URL was http://company.monster.com/toyfs/, which is Toyota [Financial's] section]," said Thompson in an instant message exchange Monday night. "Or http://company.monster.com/bestbuy, which is Best Buy's."

The injection of the malicious IFrame code into the Monster.com site probably happened Monday, he added. "It was interesting that we got five or so hits in the space of a few hours today, but none before that. I think it happened today."

Like many other IFrame exploits, this one silently redirected the user's browser to another site hosting Neosploit. In the case of at least one of the exploit sites Thompson identified, there's a connection to the notorious RBN, the hacker and malware hosting network that recently shifted operations to China, then mysteriously abandoned the IP blocks it had acquired in China, seemingly vanishing from the Internet.

The IP address of the exploit site is assigned to a server in Australia that is part of the "myrdns.com" domain. That domain, in turn, is registered to a Hong Kong Internet service provider called HostFresh Internet. Both HostFresh and myrdns.com have been linked to RBN activities, including the long-running IFrame Cash scheme, in which RBN pays small site owners a commission for injecting IFrame exploits on other sites.

According to an anonymous blogger who tracks the RBN, other myrdsn.com/HostFresh IP addresses were involved in the Bank of India hack in August.

Thompson said he had just started digging into the Monster.com hack on Monday afternoon. "It is not clear how many pages were affected, but it is likely that the attack was the same for all companies on the site, which might turn out to be a pretty good set of the Fortune 500," he said on his blog.

Maynard, Mass.-based Monster.com last made security news in August, when the company acknowledged that hackers had looted its database for weeks, perhaps months, then used that information to craft and send targeted e-mails that pitched money laundering jobs or tried to trick recipients into downloading malware.

Monster.com was not available for comment Monday night.

Carigamers

All ur resumes r belong to us...
« on: November 21, 2007, 09:33:24 AM »

Offline Crixx_Creww

  • Akatsuki
  • *****
  • Posts: 9057
  • Country: 00
  • Chakra -12
  • ANBU OF THE HIDDEN VILLAGE FOAK
    • Atari 2600.
  • Referrals: 11
    • View Profile
    • www.crixxcrew.com
  • CPU: Intel Q6600 @3.2 Ghz
  • GPU: Nvidia Xfx geforce 9800GTX+
  • RAM: 8 Gigs Mixed kingston and corsair ddr2
Re: All ur resumes r belong to us...
« Reply #1 on: November 21, 2007, 09:45:32 AM »
lawllllll

FOR MOTHER RUSSIA!!
and the chinese in on it too.... hmmmm might get bush trigger finger itchy lol

Carigamers

Re: All ur resumes r belong to us...
« Reply #1 on: November 21, 2007, 09:45:32 AM »

 


* ShoutBox

Refresh History
  • Crimson609: yea everything cool how are you?
    August 10, 2022, 07:26:15 AM
  • Pain_Killer: Good day, what's going on with you guys? Is everything Ok?
    February 21, 2021, 05:30:10 PM
  • Crimson609: BOOM covid-19
    August 15, 2020, 01:07:30 PM
  • Shinsoo: bwda 2020 shoutboxing. omg we are in the future and in the past at the same time!
    March 03, 2020, 06:42:47 AM
  • TriniXjin: Watch Black Clover Everyone!
    February 01, 2020, 06:30:00 PM
  • Crimson609: lol
    February 01, 2020, 05:05:53 PM
  • Skitz: So fellas how we go include listing for all dem parts for pc on we profile but doh have any place for motherboard?
    January 24, 2020, 09:11:33 PM
  • Crimson609: :ph34r:
    January 20, 2019, 09:23:28 PM
  • Crimson609: Big up ya whole slef
    January 20, 2019, 09:23:17 PM
  • protomanex: Gyul like Link
    January 20, 2019, 09:23:14 PM
  • protomanex: Man like Kitana
    January 20, 2019, 09:22:39 PM
  • protomanex: Man like Chappy
    January 20, 2019, 09:21:53 PM
  • protomanex: Gyul Like Minato
    January 20, 2019, 09:21:48 PM
  • protomanex: Gyul like XJin
    January 20, 2019, 09:19:53 PM
  • protomanex: Shout out to man like Crimson
    January 20, 2019, 09:19:44 PM
  • Crimson609: shout out to gyal like Corbie Gonta
    January 20, 2019, 09:19:06 PM
  • cold_187: Why allur don't make a discord or something?
    December 03, 2018, 06:17:38 PM
  • Red Paradox: https://www.twitch.tv/flippay1985 everyday from 6:00pm
    May 29, 2018, 09:40:09 AM
  • Red Paradox: anyone play EA Sports UFC 3.. Looking for a challenge. PSN: Flippay1985 :)
    May 09, 2018, 11:00:52 PM
  • cold_187: @TriniXjin not really, I may have something they need (ssd/ram/mb etc.), hence why I also said "trade" ;)
    February 05, 2018, 10:22:14 AM

SimplePortal 2.3.3 © 2008-2010, SimplePortal