November 23, 2007 -- (WEB HOST INDUSTRY REVIEW) -- Job-search portal Monster.com (monster.com) confirmed this week that it has taken down a portion of its online job search service after attackers hacked the site and used it to spread malware to visitors.
Roger Thompson, chief technology officer at Exploit Technology Labs, says he first noticed the Monster Company Boulevard section of the site was inaccessible around 5:00 p.m. EST on Monday. Several hours earlier, Thompson discovered that the site had been subject to an iFrame attack that was redirecting visitors to servers that hosted exploits from Neosploit. Thompson detected the attack through data anonymously submitted through LinkScanner, an Exploit Prevention Labs' product that warns Web users when they reach dangerous online destinations.
Thompson says that at least one of the exploit sites he identified has a connection to the Russian Business Network, a hosting provider that reportedly hosts criminally-related sites, which recently shifted operations to China after being dropped by its upstream service providers.
A representative from Monster.com says the company is aiming to beef up its website security but the issue should not affect users running Windows with the most recent security updates from Microsoft.
