"ResumeLooters Target Job Search Sites in Extensive Data Heist"
"ResumeLooters Target Job Search Sites in Extensive Data Heist"
Group-IB researchers have discovered a malicious campaign aimed primarily at job search and retail websites of companies in the Asia-Pacific region. Between November and December 2023, the group called ResumeLooters successfully infected at least 65 websites using SQL injection and XSS attacks. Most victims were in India, Taiwan, Thailand, Vietnam, China, and Australia. The group has stolen several databases containing over 2 million different emails and other sensitive records. ResumeLooters then offered the stolen data for sale on Telegram channels.