The Trojan responsible for stealing more than 1.6 million personal records from
Monster.com uses that information to build targeted spam that offers recipients lucrative, but illegal, money laundering jobs, said Symantec Corp. Wednesday, August 22. Monster.com, meanwhile, said Wednesday it had shut down the server used to store the stolen resume information. Earlier this week, Symantec fingered Infostealer.Monstres for using stolen Monster.com log−ons to run automated searches. Criminals then used the stolen information to create convincing e−mail messages that contained malicious code. Some of those messages included Banker.c, a password−stealing Trojan horse that monitored the infected PC for log−ons to online banking accounts. But Monstres is also equipped to recruit criminal collaborators. "What we offer you is something more than just a job −− it's the opportunity to earn really big money without having to work much," read one of the messages. Among the job requirements, said the messages, were a new checking account with Bank of America. Although the job offer didn't spell it out in so many words, it's clear that the work involves cleaning out accounts of phishing victims, possibly the very ones hit by the Banker.c Trojan.

Source: Monster.com Trojan recruits 'money mules' from victim pool

__________________