CareerBuilder Cyberattack Delivers Malware Straight To Employers

An anonymous reader writes: Security threat researchers Proofpoint have uncovered an email-based phishing attack which infected businesses with malware via the CareerBuilder online job search website. The attack involved the hacker browsing job adverts across the platform and uploading malicious files during the application process, titling the documents "resume.doc" and "cv.doc." Once the CV was submitted, an automatic email notification was sent to the business advertising the position, along with the uploaded document. In this case, Proofpoint found that as a business opens the automatic email from CareerBuilder to view the attached file the document plays on a known Word vulnerability to sneak a malicious code onto the victim's computer. According to the threat research group, the manual attack technique although time-consuming has a higher success rate than automated tools as the email attachments are more likely to be opened by the receiver.

Re:scripting in a document is bad

[BradleyUffner]

it was a novel idea and i'm sure it solves some problems but having scripting in a document format is simply has too high a price to pay. scripting does not belong in documents!

I'll let all the guys doing web pages know. I guess we'll have to figure something else out.