SecureWorks researchers have uncovered a cache of stolen data from 46,000 victims of a variant of the Prg Trojan that has been used to swipe personal information from unsuspecting visitors to job sites. Experts at the Atlanta-based security company said the information includes bank and credit card account numbers, social security numbers and passwords. The victims were infected—and in numerous cases re-infected—by ads on popular, online job sites, including Monster.com during the past three months.
The hackers behind the attack are running ads on the sites and injecting those ads with the Trojan. When an user views or clicks on one of the malicious ads, their PC is infected and all the information entered into their browser, such as financial information entered before it reaches SSL protected sites, is captured and sent off to the hackers server, according to SecureWorks researcher Don Jackson.