Hackers Target Monster Jobs Website with Gameover Zeus malware

March 28th, 2014 · Pushpa Mishra · Malware

A security firm has revealed that hackers are targeting companies that use the services of Monster Jobs, a well-known job portal, with a new variant of the Gameover malware.

Gameover, the malware targeting the employment portal, is similar to the infamous Zeus banking malware whose source code was leaked in 2011. The Trojan steals log-in credentials and other sensitive information by injecting false web forms into the legitimate website when it is accessed from infected computers.

F-Secure, a security firm that analyzes virus, phishing, spyware and spam attacks, has reported on its blog that the malware takes control of the victim's accounts through a two-phase attack.

Real page of hiring.monster.com. Image Credit: F-Secure.com


Sean Sullivan, the F-Secure security analyst, notes that the hackers first infect the victim’s system with the malware.

“Gameover Zeus gets installed in the usual fashion from bait of some sort: spam or malvertising, exploit kit, bot installer. Once installed Gameover is able to grab information from forms – so the username and passwords as they are typed,” said the analyst.

“A computer infected with Gameover Zeus will inject a new ‘Sign In’ button [into the Monster.com sign-in page], but the page looks otherwise identical,” he added.

In the second phase of the attack, the hackers try to obtain the remaining sensitive information by means of a fake security check. This page asks victims to select and answer three security questions out of 18. The complete list of questions is available on the F-Secure blog.
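One way a site operator can look for the injection described above is to compare the interactive elements in a sign-in page as rendered in the user's browser with the elements the site actually serves. The Python sketch below is an added example, not code from F-Secure or Monster; the HTML samples, the field names and the assumption that the site receives a DOM snapshot from the client are all constructed for illustration.

```python
from collections import Counter
from html.parser import HTMLParser

# Elements that can capture or submit credentials.
WATCHED = {"form", "input", "button", "select", "textarea"}
# Attributes that decide what a control collects and where it is sent.
KEY_ATTRS = ("type", "name", "id", "action")


class ControlInventory(HTMLParser):
    """Collect a fingerprint of every interactive element in an HTML snapshot."""

    def __init__(self):
        super().__init__()
        self.controls = []

    def handle_starttag(self, tag, attrs):
        if tag in WATCHED:
            a = dict(attrs)
            self.controls.append((tag,) + tuple(a.get(k) or "" for k in KEY_ATTRS))


def inventory(html):
    parser = ControlInventory()
    parser.feed(html)
    parser.close()
    return Counter(parser.controls)


def injected_controls(baseline_html, snapshot_html):
    """Return controls present in the rendered snapshot but not in the served page."""
    extra = inventory(snapshot_html) - inventory(baseline_html)
    return sorted(extra.elements())


# Constructed sample: the sign-in form as served by the site.
BASELINE = """
<form id="login" action="/login" method="post">
  <input type="text" name="username">
  <input type="password" name="password">
  <button type="submit" id="signin">Sign In</button>
</form>
"""

# Constructed sample: the same page as rendered on an infected machine, with an
# extra 'Sign In' button and a security-question field pair added to the form.
SNAPSHOT = BASELINE.replace("</form>", """  <button type="button" id="signin-alt">Sign In</button>
  <select name="sec_question_1"><option>First pet?</option></select>
  <input type="text" name="sec_answer_1">
</form>""")

if __name__ == "__main__":
    for control in injected_controls(BASELINE, SNAPSHOT):
        print("unexpected control:", control)
```

Because the snapshot is gathered on a machine that may itself be infected, a clean result is weak evidence, while any unexpected control is a strong signal worth alerting on.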

The blog warned the recruiters to be alert about any such irregularities.

“HR recruiters with website accounts should be wary of any such irregularities. If the account is potentially tied to a bank account and a spending budget, it’s a target for banking Trojans,” said the blog.

V3, a technology news site, did try to contact Monster about the malware attack, but was unable to elicit any response from them.

V3 reports that it is unclear how many victims have been ensnared by the attack and quotes Sullivan as saying, “It’s a peer-to-peer botnet so it’s tricky to count.”

He also added, “There is some excellent analysis from Dell SecureWorks, which details about 24,000 Gameover bots, in July 2012. I haven’t seen any attempts to count the entire Gameover botnet recently, but I’m sure it’s still in the multiple tens of thousands.”

F-Secure feels that Monster could easily contain the malware infiltration if it adopts a robust authentication system that goes beyond mere security questions, perhaps two-factor authentication.

Two-factor authentication is an increasingly common security protocol adopted by numerous online service providers like Tumblr, Twitter, and Dropbox.

Gameover Trojan activity has increased recently.

Another security firm, Malcovery Security, reported in early February on a new variant of Gameover being distributed as an encrypted .enc file.

During the same month, analysts from Sophos discovered another Gameover variant with a kernel-level rootkit component.
