A security researcher at SecureWorks has uncovered a data cache stolen by a variant of Prg, a Trojan program. Many of the victims were infected by visiting jobsearch sites, including Monster.com
The stolen data, which was taken from about 46,000 individuals, includes bank and credit card account information and Social Security numbers, as well as usernames and passwords for online accounts.
Don Jackson, the SecureWorks researcher who found the collection, said it was the largest single cache of data he discovered from the Prg Trojan, a piece of malware first seen in the wild in June. According to Jackson, the server he examined is still collecting stolen data, with up to 10,000 victims feeding it information at any particular time.
That server is one of 20 similar servers worldwide that are collecting and storing data stolen by Prg. Twelve of those servers – including the one with the large data cache – are being managed by a single hacking group known for naming their attacks after car manufacturers such as Bugatti, Ford and Mercedes, Jackson said.