Comments on: eBay was not hacked this weekend

By: Sue Bailey

Sue Bailey — Fri, 22 Feb 2008 10:12:59 +0000

Thanks for your comments, Alex. I should just say that neither Chris nor myself work for eBay, eBay have no control over what we write here, and we write as we find. If that’s too pro-eBay for some, well, so be it

By: Alex Illner

Alex Illner — Fri, 22 Feb 2008 05:10:26 +0000

It is refreshing to finally read some comments by people that seem to critically evaluate information from and about ebay rather than to just take it at face value.

It does much to legitimize tamebay as a blog with a voice for all, rather than make it appear as an ebay mouth-piece to spread and affirm ebay corporate spin.

By: Firemeg

Firemeg — Sun, 25 Feb 2007 14:58:59 +0000

Several hundred? That number is up a bit. The largest amount of listing that I’ve seen this week from one scammer is 3500+ simultaneous auctions. eBay eventually got around to removing them after several hours, but they stayed in search for much longer.
http://firemeg.blogspot.com

By: TameBay : Hacking, taunting and eBay security

TameBay : Hacking, taunting and eBay security — Sat, 24 Feb 2007 13:22:26 +0000

[...] It’s been a fairly hectic week for eBay with stories flying around re security on the site. A few of them are on auctionbytes (twice), The Register (twice) and pretty much every other eBay related news site going. So it’s time to look at the facts. [...]

By: Helen

Helen — Fri, 23 Feb 2007 11:04:14 +0000

After Durzy’s admission yesterday that Vladuz HAS accessed eBay staff systems I assume we can all agree that the eBay statement you quoted in the original post â€œthat the eBay site has not been hacked or compromised in any wayâ€ was not entirely truthfull?

Now we can all rest easy since the eBay statement yesterday saying, in effect, “the successful hack that happened ages ago that we were denying completely until now wasn’t that bad really and nobody needs to worry.”

Yea I trust ‘em!

By: Abby

Abby — Wed, 21 Feb 2007 23:16:06 +0000

Someone is playing a game with ebay.

A conservative estimate would be that 600 unique sellers account were hi-jacked by this person and have been used so far.

Around 300 unique selling account were discovered hi-jacked on Sunday (18th Feb). Around 100 on Tuesday (20th Feb). Around 200 on Wed (19th Feb, today).

It is clear that the hi-jacker wanted to be caught, he made it simple and made sure that each new ‘wave’ of hi-jacks were linked to previous ones.

I’d assume there is a lot of profit to be made in hi-jacked accounts. Why ‘waste’ (for want of a better word) this many accounts?

Because he is proving a point and playing a game.

How many more accounts does he have?

What will he do with the ones he does not want discovered?

Clearly large-scale. And ebay have been slow to respond.

By: TameBay : Britney Spears’ hair not for sale on eBay

TameBay : Britney Spears’ hair not for sale on eBay — Wed, 21 Feb 2007 01:29:52 +0000

[...] Rumours have been flying around that eBay themselves spread the “Britney’s hair on eBay” story, to deflect interest in the news concerning compromised accounts over the weekend. We’re happy to confirm that the Britney hype did not originate from eBay’s PR team. [...]

By: DOC

DOC — Tue, 20 Feb 2007 20:38:28 +0000

Yep.. Internal Redirects are a big problem on eBay!

What eBay is not telling us is, There are a lot of internal redirects leading new and inexperienced site visitors off to look alike sites where “no scam warnings are posted” A newbie will fall into this cleverly baited trap in a new york minute!

Review these articles on how it is being done.
http://www.ebaymotorssucks.com/iiwasp-com-2.htm
http://www.ebaymotorssucks.com/asrcs-com.htm

There are fake sign in links in eBay ME Pages as well. I have seen plenty of them!

When the physhing is Internal On eBay’s Site it’s hard to blame it on the users opening emails and clicking on links!

Another favorite is to list a car with a pornographic photo, clicking on the listing brings up a phony sign in page!

This one had the link code messed up so who ever looked at it got mooned but good!
http://www.ebaymotorssucks.com/danield418.htm

eBay is making $$$ hand over fist.. They need to spend some of it policing and cleaning up their site!

BTW: Appologies for the Sensord Comment. Guess my previous posting was delayed because of the links.

By: dimes

dimes — Tue, 20 Feb 2007 19:40:32 +0000

eBay uses semantics to hide its site security problems.

However it defines the word “hacked”, it is apparently excluding the social engineering scams that use embedded javascript within eBay item listings to steal personal data from eBay customers.

1. Users already logged in to eBay are asked to login again when they land on poisoned eBay listings.

2. These users did not respond to phishing emails, and may never have received a single spoof email.

3. The users dutifully login again on what appears to them to be a legitimate eBay login screen.

4. The login screen isn’t eBay’s at all, despite the fact that it was presented to the user from a listing screen within eBay.

5. Because the users are returned to the real eBay site after giving away their ID/passwords, they are unaware they’ve just been robbed.

6. The users later find out, to their dismay, that their eBay accounts (and possibly credit card data and/or paypal accounts) have been hijacked by criminals who got their info while the users were browsing on eBay.

Since this method of identity theft does not depend on eBay being “hacked”, perhaps a new word is needed to define the problem – maybe “scamBayed”?

By: Firemeg

Firemeg — Tue, 20 Feb 2007 06:39:50 +0000

This may have been an instance of a well orchestrated scam that got user info from phishing…or not. We will never know. Taking eBay’s word for it is beyond ridiculous. An eBay spokesperson said that the Prosperpoint breach was a result of phishing which was a blatant lie. Why should we trust them in this case?

By: DOC

DOC — Tue, 20 Feb 2007 02:45:30 +0000

Nice Sensored Blog You Have Here.. That’s OK.. eBay will have it’s day sooner or later.. It’s only a matter of time!

DOC

By: sunny martin

sunny martin — Tue, 20 Feb 2007 01:05:38 +0000

I agree with the poster above. It sounds to me that it was a phishing exercise. It wouldnt be that difficult to achieve hundreds of hits through eBay because of the high numbers of users.

I am not a huge fan of eBay as I stopped seller their a while back but I think if people bothered to visit their help pages they would find loads of info on how to minimise the chances of being caught out like this.

A lot of people dont protect their pcs from attack but they wouldnt leave their front doors open would they? We should be as concerned about pc security as we are about our household possessions.

By: Huddersfield_lass

Huddersfield_lass — Tue, 20 Feb 2007 00:30:19 +0000

I was one of the people involved in trying to warn sellers about this yesterday. In response to Eddie – these were very high value items and most sellers only had at most a couple of items listed. Even those who did only had a few of their listings compromised, not all of them. The number of listings in this case therefore is, in effect much the same thing as the number of accounts – nearly all the ones I saw were one listing to one account.

In my opinion this was a phishing exercise, but quite a sophisticated one, which did not involve clicking on, or responding to anything in emails.

I think the most sensible thing anyone who is worried about this, and who has listed a high value item recently (even or especially if it has finished and you are not regularly checking ebay) is to check your pc is free from keystroke loggers and change all your ebay and paypal passwords.

By: DOC

DOC — Mon, 19 Feb 2007 22:42:00 +0000

Uh Huh..

Sure they were not hacked.. Like you expect a sleazy bunch like eBay to tell you the truth??

Look over the recent hacked pages we have captured, and the severity of it. Then tell us it ain’t so..

http://www.ebaymotorssucks.com
http://www.ebaymotorssucks.com/rflello.htm

By: Eddie

Eddie — Mon, 19 Feb 2007 20:49:52 +0000

Was it several hundred accounts though, or did Chinese Whispers take place ?

I ‘watched’ the events unfold, and at its peak there were reports of several hundred auctions (not accounts), some members were frustrated at the ability to only report 10 auctions at a time.

Several hundred accounts would indicate many more than several hundred auctions, this was not the case.