Two-pronged attack: Argentine site hit by malware and data leak

��� I was browsing through compromised websites used for spreading malware and found one from Argentina which belongs to a veterinary supplier. The admin panel got p0wned and, worst of all, it had a tab with the personal details of people who had posted their CVs (curriculum vitae). So, what exactly has happened? Well, basically lots of confidential information has been leaked and we are talking about home addresses, telephone numbers, details of education centers attended, mobile phone numbers, email addresses, marital status, children and even personal references. This is very bad because the same information can easily be used for all kinds of fraudulent activities: on-line ID theft, targeted attacks and so on. Here are just a few examples of real CVs uploaded and saved on the compromised site:

esed nod32 4 nod32 esed nod32