I just came across this blog post on SecureWorks (through CyberNet News) stating that a trojan stole the data of 46,000 people (1.6 million according to CyberNet News), including bank and credit card account information, SSNs, online payment account usernames and passwords, and other personal information.
According to SecureWorks, the infection began in early May. The victims are being infected and reinfected by ads on various online job sites. The hackers behind this scam are running ads on job sites and are injecting those ads with the Trojan.
When a user views or clicks on one of the malicious ads, their PC is getting infected and all the information they are entering into their browser (including financial information being entered before it reaches the SSL protected sites) is being captured and sent off to the hacker’s server in Asia Pacific. This server is still collecting stolen data and at any one time, we are seeing 9,000 to 10,000 victims sending information to the server.
How to Detect if Your Computer is Infected
Computers infected with the Prg Trojan will have a backdoor proxy server listening for connections on port 6081. This port is not assigned to legitimate services and is not hidden by the rootkit functionality. If port 6081 is open on your computer, you are likely infected with the Prg Trojan. If anti-virus is not detecting the infection, then you will need to boot the computer into Safe Mode and run another scan. If that fails, manual removal or reinstalling the operating system may be necessary.
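One way to run the port 6081 check described above is sketched below. It is an added example, not code from SecureWorks or from this post. It parses Windows `netstat -ano` output and reports only TCP sockets in the LISTENING state whose local port is exactly 6081, so a remote port of 6081, port 60810 or a PID of 6081 does not trigger a false hit. The sample output is constructed, English-language netstat column text is assumed, and the `--live` switch is a name chosen for this sketch.

```python
import subprocess
import sys

PRG_PROXY_PORT = 6081  # backdoor proxy port named in the SecureWorks write-up

# Constructed sample of Windows `netstat -ano` output (not real capture data).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       952
  TCP    0.0.0.0:6081           0.0.0.0:0              LISTENING       1844
  TCP    192.168.1.20:49712     203.0.113.7:6081       ESTABLISHED     3120
  TCP    0.0.0.0:60810          0.0.0.0:0              LISTENING       6081
  TCP    [::]:6081              [::]:0                 LISTENING       1844
  UDP    0.0.0.0:6081           *:*                                    700
"""


def find_listeners(netstat_text, port=PRG_PROXY_PORT):
    """Return (local_address, pid) for every TCP socket LISTENING on `port`."""
    hits = []
    for line in netstat_text.splitlines():
        fields = line.split()
        # TCP rows have 5 columns: proto, local, foreign, state, pid.
        if len(fields) != 5 or fields[0].upper() != "TCP":
            continue
        _, local, _, state, pid = fields
        # Compare only the port after the last ':' so 60810, a remote
        # port of 6081, or a PID of 6081 do not produce false matches.
        if state == "LISTENING" and local.rsplit(":", 1)[-1] == str(port):
            hits.append((local, int(pid)))
    return hits


if __name__ == "__main__":
    # Assumption: --live is this sketch's own switch; use it on a Windows host.
    if "--live" in sys.argv:
        text = subprocess.run(["netstat", "-ano"], capture_output=True,
                              text=True, check=True).stdout
    else:
        text = SAMPLE_NETSTAT
    for local, pid in find_listeners(text):
        print(f"TCP listener on {local} owned by PID {pid}; "
              f"look it up with: tasklist /FI \"PID eq {pid}\"")
```

An empty result only means nothing is listening on that port at the moment of the check; the anti-virus scan described above still applies.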
Another reason not to use Windows, eh?