Wednesday, September 26, 2007

A MONSTER OF A DATA BREACH

From Bytes in Brief:
On August 17, 2007, Symantec Corp. security analyst Amado Hidalgo announced that a new Trojan horse called Infostealer.Monstres had stolen more than 1.6 million records belonging to several hundred thousand people from Monster.com’s job search service. The personal information filched from Monster.com included names, e-mail addresses, home addresses, phone numbers and resume identification numbers. Hidalgo traced the data to a remote server used by the attackers to store the stolen information. The attackers infiltrated Monster.com by using legitimate logins, likely stolen from recruiters and human resource personnel who have access to the "Monster for employers" areas of the site. Once inside, the Trojan horse ran automated searches for resumes of candidates located in certain countries or working in certain fields. The results were then uploaded to the attackers' remote server.

That data has been used to target Monster.com users with credible phishing mail that plants more malware on their machines. The first piece of malware, dubbed Banker.c by Symantec, is a run-of-the-mill information-stealing Trojan horse that monitors the infected PC for logons to online banking accounts. When it sniffs a logon in process, Banker.c records the username and password, then transmits the data back to the hacker. Gpcoder.e, on the other hand, is "ransomware," the name given to Trojan horses that encrypt files on the hacked computer, then hold those files hostage until the user pays a fee to unlock the data. Infostealer.Monstres' second-stage attack, which uses Gpcoder, is especially insidious. Realistic-looking e-mails that contain convincing personal information -- the very information stolen from Monster.com -- instruct the recipient to download a program called "Monster Job Seeker Tool." There is no tool, of course; victims download the ransomware Gpcoder.e instead. Hidalgo's research led him to conclude that the three pieces of code -- Infostealer.Monstres, Banker.c, and Gpcoder.e -- are related, and probably the work of a single group.

In response to the breach, Monster.com has announced that the rogue server used by the attackers was identified and shut down. The website has also posted information for its users regarding which e-mails are legitimate and which are likely phishing at http://help.monster.com/besafe/
The information about the Trojan horse from Symantec may be found at http://www.symantec.com/enterprise/security_response/weblog/2007/08/a_monster_trojan.html
and Monster.com’s press release may be found at http://phx.corporate-ir.net/phoenix.zhtml?c=131001&p=irol-newsArticle&ID=1042977&highlight=

LEGAL RESEARCH HAS ITS OWN ROBIN HOOD

Carl Malamud, a self-styled Robin Hood of the information age, has embarked on an ambitious project to make more than 10 million pages of case law available free online. In early August 2007, Malamud began using advanced computer scanning technology to copy decisions, which have been available only in law libraries or via subscription to Thomson West and LexisNexis. The project is his latest effort to build public works projects accessible via the Internet with the specific plan to force the federal government to make information more publicly accessible. Malamud placed the first batch of 1,000 pages of court decisions from the 1880s on his website public.resource.org. According to him, he obtained the documents from a used Thomson microfiche. While 1,000 pages may seem like a slow start, Malamud has a significant track record in battling publishers over public information. In 1994 he began a crusade that ultimately persuaded the federal government to make records from the Securities and Exchange Commission and the Patent and Trademark Office available online to the public at no cost. Malamud believes that the control of publishing court rulings subverts the original intent of the framers of the Constitution by making the nation’s laws difficult to obtain by those outside the legal profession. More information regarding Malamud’s projects may be found at http://public.resource.org/
