These continue to be risky times for those using Monster.com to search for jobs. You might remember that hackers targeted Monster.com with a massive phishing attack last August, stealing at least 1.6 million bank account records in the process. Now comes word that the bad guys nailed the site with an iframe injection attack Monday.
“It is … not clear how many pages were affected, but it is likely that the attack was the same for all companies on the Web site, which might turn out to be a pretty good set of Fortune 500 [companies],” he wrote, adding that his lab detected the attack as something cooked up using the Neosploit exploit package. “It is fairly well encrypted,” he said.
Fortunately, he said, Monster caught on quickly and yanked the affected pages down.