Phony Ad On Job Sites Leads To 100,000 Stolen Identities — ID Theft — InformationWeek
He said the latest variant of the Prg Trojan has been running on fraudulent ads on at least two online job sites. One, he said, is Monster.com. Representatives from Monster did not return a request for an interview.
“The hackers behind this scam are running ads on job sites and are injecting those ads with the Trojan,” said Jackson. “When a user views or clicks on one of the malicious ads, their PC is getting infected and all the information they are entering into their browser, including financial information being entered before it reaches the SSL-protected sites, is being captured and sent off to the hacker’s server in Asia Pacific.”
Jackson said one server is still collecting stolen data and they are seeing 9,000 to 10,000 victims sending information to the server at any one time. When someone clicks on the advertisement, they’re taken to a malicious Web page where their computer is infected with the Prg Trojan.
edit: ComputerWorld is reporting it as 1.6M user records.