Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Hackers target recruitment sites for infecting visitors

Tier-3 : 13 June, 2008  (Technical Article)
High level positions targetted by hackers to by gaining access to their computers through infecting recruitment agency web sites
Tier-3 says that newswire reports that recruitment sites are being used by hackers to infect users with malware and other security threats reflect the increasingly devious approach that hackers are taking.

'MessageLabs have discovered that hackers are exploiting the current credit crunch, and the fact that many senior people's careers are stagnating as a result. They are luring people with the promise of new jobs and higher salaries, but all users end up with is an infected PC or worse,' said Geoff Sweeney, Tier-3's CTO.

According to Sweeney, the IT security vendors' research has uncovered a legitimate ad on a large Australian recruitment Web site that is being referenced by an RTF (rich text format) letter with an embedded Adobe PDF file.

'Internet users think the email and its associated RTF file are genuine, but they end up infecting their PCs with a Trojan that opens their machines up to remote hackers,' he said.

'Problems start to occur when users click through on the Adobe PDF and wait for their screen to update. This, of course, doesn't happen, but the machine is really being infected in the background,' added.

Sweeney went on to say that hackers appear to be targeting senior managers and even board level executives with the emails, As a result, the recipients think the email-shot is genuine and do not suspect anything.

We have witnessed this sort of attack vector in corporations now for sometime as the combination of social engineering and stealth malware has an extremely high infection rate as it lowers both the end users guard and can bypass most antivirus and content checking systems.

'The problem with these types of infection is that they are almost impossible to stop owing to human psychology. With behavioural analysis IT security technology, however, even if the user clicks on the embedded PDF, behavioural analysis software can recognize and suspicious activity immediately,' he explained.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo