A Symantec Security Response posting suggests that Monster.com, the huge job hunting website, has been subject to an online attack resulting in the theft of personal data in the form of resumes of its users.
Further investigation revealed that only connections to the subdomains of hiring.monster.com and recruiter.monster.com were being made by the Trojan, both subdomains used by employers searching for potential employees at the site. Importantly, this part of the site requires those recruitment personnel to log in if they want to view any information on candidates. No surprise then, to discover that the Infostealer.Monstres Trojan is using a number of recruiter logins to do just that.