:: Deepquest ::

This weekend, hackers stole 1.6 million files from Monster.com, one of the country’s most popular job-searching Web sites, according to a top security company.

Symantec, which produces well-respected anti-virus software that is used worldwide, detected the problem late last week, Patrick Martin, a senior product manager on Symantec’s security response team.

Thursday, the company found some malicious code.

“We saw that it was doing some interesting things with some information over in Eastern Europe,” Martin said. After investigating more, Symantec found that the e-mail addresses and names all had one thing in common  they were stolen from Monster.com.
The hackers’ Trojan virus, which used real employer log-ons and passwords to access information, transferred the data from the site to a server in Eastern Europe.

“The attacks started soon after that,” Martin said. “Whenever you see malicious code harvesting e-mail addresses, we know what’s going to follow  e-mails.”

Almost immediately after Symantec detected the problem, Monster.com users whose e-mail addresses had ostensibly been stolen began receiving “phishing” e-mails. These e-mails, according to Martin, claimed to be prospective employers offering a work-from-home job. All that was needed, the e-mails claimed, was access to the user’s bank account. The e-mails specifically reference Bank of America accounts as well as Monster.com and CareerBuilder.com, another popular job-search site.

“What they did was a slightly more sophisticated attack than we normally see. All of these e-mails have one thing in common  people who have submitted resumes and are looking for a job,” Martin said. “When the user looks at the e-mail  some unknown e-mail that happens to know that they are looking, [they have a] sense of security [and they think,] ‘Wow, this must be legitimate.'”
more from [url=http://abcnews.go.com/print?id=3511384]ABC news[/url]