
John Stokdyk




US job hunters targeted in blackmail hack


Monster, the world’s largest recruitment website, was left reeling this week when thousands of US jobseekers were targeted in a sophisticated phishing blackmail scam.

American users who had registered with the site received emails last week inviting them to download a Job Seeker Tool from Monster. What they got was a Trojan horse virus that encrypted their files and a message from a group called Glamorous Team demanding a $300 ransom to decrypt their files.

Coverage by Guardian writer Michael Pollit recounted the experiences of several people who were affected by the attack. One of the reasons it proved so effective was that it presented a plausible scenario from a site that would have been known and trusted by its users. What is almost as worrying as the blackmail technique is how the criminals were able to crack the Monster database to get hold of the users’ email addresses.

According to Symantec, which identified a Trojan virus called Infostealer.Monstres on 16 August, the attack started by accessing employer sections of and uploaded details on several hundred thousand people to the remote website.

The second part of the attack spammed the emails harvested with an executable file Trojan.Gpcoder.E, which was carried as an attachment with an icon designed to look like the logo.

When researchers from the UK security company Prevx reverse-engineered the encryption virus and used victims’ details to log into the website where data was being held hostage, they were able to download personal information on several people and decrypt personal data such as system passwords and PayPal account details.

According to Prevx, the attack targeted users in America and appropriated data from around 1,000 PCs.
