Connect with us

Hi, what are you looking for?


Crime gang targeted jobseekers across Asia, looted two million email addresses

Group-IB, a cybersecurity firm based in Singapore, recently uncovered a concerning threat group operating in Asia known as “ResumeLooters.” These cybercriminals have been active for the past two months of 2023, targeting websites operated by job boards and retailers across the region.

Employing sophisticated techniques like SQL injection and Cross-Site Scripting (XSS) attacks, the ResumeLooters managed to breach databases on these websites, resulting in the theft of sensitive information. This includes over two million email addresses, as well as names, phone numbers, dates of birth, and even employment history.

While their primary targets were job search websites, the group also set their sights on e-commerce companies, some of which are popular in their respective markets. The attacks, although discovered towards the end of 2023, are believed to have commenced as early as January of the same year.

Interestingly, the cybercriminals utilized XSS scripts on legitimate job search websites, embedding malicious code into web pages to carry out their nefarious activities. While their main objective seemed to be obtaining admin credentials, there’s no concrete evidence to suggest they succeeded in this endeavor.

The majority of victims were located in the APAC region, with India, Taiwan, Thailand, and Vietnam being among the most affected countries. Group-IB’s investigation also uncovered a malicious server containing logs of various penetration testing tools favored by the threat actors.

Further analysis revealed that the email address associated with ResumeLooters led to Chinese-language Telegram accounts, indicating a potential connection to China. This aligns with findings that some comments in the attackers’ code were written in Chinese.

Overall, the activities of the ResumeLooters underscore the ongoing threat posed by cybercriminals in the digital landscape, emphasizing the importance of robust cybersecurity measures to safeguard sensitive data from malicious actors.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like


Microsoft Teams had a major hiccup on Friday, causing disruptions and various issues for users. The problem started around 11 a.m. EST and quickly...


JetBlue Airways is considering pulling out of its $3.8 billion acquisition of Spirit Airlines following a federal judge’s blockage of the deal in response...


Tesla is pulling back nearly 200,000 cars in the U.S. over a glitch with the backup camera not kicking in when the car’s in...


The former US president Donald Trump is aiming to deal a significant blow to the campaign of the former South Carolina governor as she...