SecureWorks Finds Stolen Data From Prg Trojan - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Government // Cybersecurity

SecureWorks Finds Stolen Data From Prg Trojan

SecureWorks' Researcher Don Jackson has uncovered the largest, single cache of stolen data from the Prg Trojan

ATLANTA -- SecureWorks' Researcher Don Jackson, who originally discovered the Prg Trojan with fellow researcher Joe Stewart, (see http://www.secureworks.com/research/threats/prgtrojan/ ) has uncovered the largest, single cache of stolen data from the Prg Trojan. The data , which includes bank and credit card account information, SSNs, online payment account usernames and passwords, etc, is from 46,000 victims who were all individually infected beginning in early May. The victims are being infected and reinfected by ads on leading, online job sites.

“The hackers behind this scam are running ads on job sites and are injected those ads with the Trojan,” said Jackson. “Thus, when a user views or clicks on one of the malicious ads, their PC is getting infected and all the information they are entering into their browser (including financial information being entered before it reaches the SSL protected sites) is being captured and sent off to the hacker’s server in Asia Pacific. This one server is still collecting stolen data and at any one time, we are seeing 9,000 to 10,000 victims sending information to the server.”

“When I first discovered this large cache of data, I couldn’t figure out how the hackers were compromising so many websites, and as a result, infecting so many victims,” continued Jackson. “However, when I uncovered the Trojan-injected advertisements, it made total sense. These job sites get tons of traffic so it is no wonder that the hackers are having such success.”

SecureWorks Inc.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

News
Becoming a Self-Taught Cybersecurity Pro
Jessica Davis, Senior Editor, Enterprise Apps,  6/9/2021
News
Ancestry's DevOps Strategy to Control Its CI/CD Pipeline
Joao-Pierre S. Ruth, Senior Writer,  6/4/2021
Slideshows
IT Leadership: 10 Ways to Unleash Enterprise Innovation
Lisa Morgan, Freelance Writer,  6/8/2021
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Slideshows
Flash Poll