Forgot your password?
typodupeerror
Security

Gameover Malware Targets Job Seekers 42

Posted by Soulskill
from the game-over-man,-game-over dept.
itwbennett writes: "A new variant of the Gameover computer Trojan is targeting job seekers and recruiters by attempting to steal log-in credentials for Monster.com and CareerBuilder.com accounts. Like the Zeus banking malware on which it is based, Gameover can steal log-in credentials and other sensitive information by injecting rogue Web forms into legitimate websites when accessed from infected computers. 'A computer infected with Gameover ZeuS will inject a new 'Sign In' button [into the Monster.com sign-in page], but the page looks otherwise identical,' security researchers from antivirus firm F-Secure said Tuesday in a blog post."
This discussion has been archived. No new comments can be posted.

Gameover Malware Targets Job Seekers

Comments Filter:
  • by Tablizer (95088) on Wednesday March 26, 2014 @08:17PM (#46589149) Homepage Journal

    What kind of genius thief selects the unemployed to steal from? What's next, Pinto owners?

    • to send out word docs loaded with word macro virus

    • by Beardo the Bearded (321478) on Wednesday March 26, 2014 @08:43PM (#46589297)

      Yeah, that's what I was thinking. Are you going to steal my no money? Go right ahead.

      It's like... if someone breaks into my house looking for money and valuables, I'll hand out flashlights, turn on the lights, and we'll all look together.

      My CC is maxed, my LOC is full, my mortgage is full, and my savings are nil. Nothing like getting laid off just after finishing up a divorce.

      • by drinkypoo (153816)

        My CC is maxed, my LOC is full, my mortgage is full, and my savings are nil. Nothing like getting laid off just after finishing up a divorce.

        Yeah, you say that, but if you can find a corrupt court then you can do anything. For example, some mexican gave some other mexican a car under my social security number. No, like, they're both really Mexican, I'm just kinda Mexican. And then a court in Nevada City, CA went ahead and awarded a judgment against me on the basis of a check cashing card with my social written on it. I haven't bothered to deal with it because I'm not trying to buy a house or anything, but I'll probably have to drive for four fuc

    • What kind of genius thief selects the unemployed to steal from? What's next, Pinto owners?

      Many unemployed still have stuff to steal: identity, credit line, bank account, unemployment checks,..
      what they do not have is money to tempt the dark side... (legal types) to defend and advocate for them.

      There have been many analysis of the reason it is low risk and profitable to steel bicycles but
      not $10,000.00 from a bank.

      If the police end up in the presence of cash at the home of a thief they impound it
      and the home and more and slip it ALL into the coffers of the municipality/ controlling agency.

      So croo

    • by mmell (832646)
      The terrible part is - the poor make better targets than the rich. They're less likely to perceive the importance of monitoring their credit rating and financial standing; if a thief can open one line of credit anywhere with the stolen identity, he's won - and a poor individual is not only less likely to catch the fraud quickly, they're less likely to have the resources to force their new "creditors" to admit they've been duped.
    • Its not about being rich, its about being desperate and gullible. Getting a little from 1 out of 20 is better than getting a lot from one out of 20,000.

    • Not everyone on Monster is unemployed.

      I fired my last boss. It was a pay increase, addition of medical, dental, paid relocation, stc.
      Sometimes it is a way to transition from a bad job match.

    • It's not actually that stupid. As a job seeker, I've been worried about this for some time. You basically give someone the "keys to the kingdom" to put your resume and contact info online. It's a lot of exposure. I've seen the same job advertised for months and months on end -- can they find nobody qualified -- or are they fishing for info? It's hard to tell legitimate from crook today, because there isn't that much distinction in behavior.

      I had a call from a company that does contract consulting for a larg

  • ...that's one surefire way NOT to get hired, especially for IT or infosec types of positions.
  • by turkeydance (1266624) on Wednesday March 26, 2014 @08:45PM (#46589303)
    that's what i was told via an iPad.
  • The person clicking the "button" was applying in the computer security domain . Would clicking the "sign in" button disqualify him ?
  • Monster.com is mostly robot email spam hell with equally useless job listings.

    So this is just builds character and makes the site more intriguing and entertaining, kind of like how adding a Wookie makes a Star Wars bar scene more fun.
  • It is impossible to get 0wned unless you physically download something and run it! Ask any slashdoter?

    We all know that running unpatched and ancient browsers like Firefox 3.6 with +100 exploits will not get you owned as that your Anti virus is useless! Just don't open things folks. As long as you do not run the latest IE which is patched you should be fine.
    /

  • Chromebooks, Linux and OSX are left immune.

    I am tired of being left out of all this fun, anyone have the email of the author so I can complain?

    • Sorry, but Malware follows the laws of the market. Supply and demand. As long as your exotic out of the world system has an insignificant market share, no Malware for you, buddy.

Never say you know a man until you have divided an inheritance with him.

Working...