Job seekers beware, you may be feeding data to a Trojan

TechWorld | ComputerWorld reports on a variant of the Trojan called 'Prg' that harvests information from users who fall prey to dubious job ads and click on them. Researchers at security firm SecureWorks first uncovered the Trojan.

A quote from the article at DarkReading:

"The hackers behind this scam are running ads on job sites and are injecting those ads with the Trojan," said Jackson. "Thus, when a user views or clicks on one of the malicious ads, their PC is getting infected and all the information they are entering into their browser (including financial information being entered before it reaches the SSL protected sites) is being captured and sent off to the hacker's server in Asia Pacific. This one server is still collecting stolen data and at any one time, we are seeing 9,000 to 10,000 victims sending information to the server."

The hackers have been using numerous techniques to evade detection by antivirus software, and they release new versions of the Trojan very frequently. What makes the Trojan even more dangerous is that it can sniff data from Windows internal memory before the data is encrypted, which means it can circumvent SSL security measures as well.

Once again, the most useful adage for online security is: look before you click.


I have come across a variant of this theme. You receive an e-mail, apparently in response to your resume posted on a popular employment website like Monster. This offers you enticing positions in Nigeria, never mind if the position has no relevance to your experience or training. When you respond to it you will soon receive an offer of employment, directing you to click a button to go to the Nigerian Visa site. You are told you should apply for a visa by clicking on that button, and your costs will be reimbursed when you relocate to Nigeria. Clicking the button takes you to a page where you are asked to pay about USD 1000 to a Western Union account, using your credit card. The idea is to presumably make you part with your credit card details, or your money, or both.
