eBay's security problems: Vladuz and account hijackings via redirect page on eBay
|
02-18-2007, 09:49 AM,
(This post was last modified: 02-18-2007, 09:53 AM by mandy.)
Post: #1
|
|||
|
|||
eBay's security problems: Vladuz and account hijackings via redirect page on eBay
Account hijackings at eBay that may be related to a security flaw on the eBay site.The hijackers are using a redirected page on the eBay site to phish account info.
At least 429 listings from multiple sellers altered/hacked. The hijackers only change to the listings is adding an email address with a message to contact seller via email. Quote:The sellers all had their accounts stolen with this question, Quote:Massive, worldwide, multiple user hijacks http://forums.ebay.com/db2/thread.jspa?t...1000442423&start=0 http://forums.ebay.co.uk/thread.jspa?thr...1200089939&start=0 |
|||
02-18-2007, 04:50 PM,
Post: #2
|
|||
|
|||
RE: eBay's security problems: Vladuz and account hijackings via redirect page on eBay
Quote:The hijackers are using a redirected page on the eBay site to phish account info. I Ebay.
OAI Moron Hall of Fame
<i>sell-thru is an irrelevant and illogical consideration.</i> -KaRay, owner of WP giving selling advice, 2006 <i>the site was 'NOT' hacked but the little script that had recipes on had the link altered</i> -Plunderhere Owner Mark Taylor after his site was hacked by a Chinese hacker gang, 2008 Some people have it like that, others dont. I do. -Probidscripts owner Spencer Osama Binweb Laden Ray bragging about his ability to scam the OAI without feeling any guilt, 2008. How does an auction site get buyers? -question asked at PSU by owner of auction site BidBeaver.ca, 2008 How do I get sales? -question asked at PSU by online store owner, 2009. I was told by my Tech. Support that my site dont really need SSL.. his servers are well protected and that info your providing to join aint really top secret information -owner of auction site TheTraderOutlet.com discussig his site's lack of basic security, 2009 |
|||
02-18-2007, 11:11 PM,
Post: #3
|
|||
|
|||
RE: eBay's security problems: Vladuz and account hijackings via redirect page on eBay
Quote:Please note the URL Phishers did the same thing using a redirected page on eBay Motors last October. : |
|||
02-19-2007, 03:05 AM,
(This post was last modified: 02-19-2007, 03:08 AM by dimucci.)
Post: #4
|
|||
|
|||
RE: eBay's security problems: Vladuz and account hijackings via redirect page on eBay
The Auction Guild, February 1, 2007
http://www.auctionguild.com/generic148.html Cons In Control of ebaY Those of us who have watched ebaY from a users perspective, for many years, have seen an every increasing ability for scammers to manipulate the site. In the last year, this access has gone from being outside manipulation of flaws and stolen personal information, to complete inside control. These are the facts: Every day thousands of listings from China selling brand name counterfeit goods are listed using hijacked accounts. These are usually 1 day listings, the accounts used fit a standard profile and are often accessed in alphabetical order. These listings are for brand name clothing, DVDs, sunglasses, and expand into other categories regularly. The scammer does not need a password to access these accounts. ebaY Motors has ever increasing fraudulent listings. There are redirects from ebaY search results, manipulation of information in valid running listings, and ever more sophisticated cons, in addition to the all American fraud, found in some used car salesmen, that has been a caricature in our society since the advent of the automobile. There is a brilliant hacker/codewriter who uses the moniker Vladuz, who makes ebaY his specialty. He has been writing ebaY hacks since 2003, as far as we can trace. This individual recently sent us a link to his latest hack, a tool that he posted on Firefox's plug ins. There have been several screen shots of ebaY's control utilities database posted on the net, on ebaY and off, all with a visible Vladuz watermark on the pages. Vladuz made the posts on ebaY, as far as TAG can tell. ebaY knows about this problem, and has been removing any threads that appear on their site about it. They just removed a long running thread on ebaY DE, one on which Vladuz has posted on under various guises, including hacked ebaY pink accounts. At the end of December, TAG contacted ebaY through their Trust and Safety live support, and specifically told them what was going on. ebaY cannot say they did not know. Here is what we have theorized based on all we have seen, and the facts we have: Vladuz appears to have written a program that gives the scammers complete access to what we are calling ebaY's back end. This back end is the control utilities database used by ebaY, to track everything on their site, that contains all information about ebaY employees and its users. The following images are samples of what Vladuz has made available to the scammer marketplace. The scammers who have purchased, or otherwise acquired the Vladuz access programs, appear to be able to manipulate the account information of every registered user ID on ebaY. They can monitor in real time what is happening in an account, read email sent through ebaY's system and respond to it through ebaY's system, change any parameter in the user ID account, so, for example, they can receive the PayPal payments the legitimate account holder would have otherwise received. They can add or remove information on a currently running listing without the legitimate account holder knowing it, and conduct business as they please; using all the hijacked accounts they please. No password access is needed. In the article ebay Insider Hijack Scam? we theorized that this was being done by an ebaY insider, as that was the only thing that could explain what we were observing. What we did not realize, and what even TAG found hard to believe, was that the scammers now had insider access, not by working for ebaY, but by using the program built by Vladuz. The Auction Guild, December 16, 2006-January 4, 2007 In trying to analyze what was going on, it appeared that the hijacker or hijackers had to have access to accounts independent of passwords, and have the ability to set account parameters so the legit account holder would not know what was going on. If this is so, it either points to someone working inside ebaY, or to a security hole so big, you can drive a tractor trailer through it. Neither situation is tolerable. whole article: ebaY Insider Hijack Scam? http://www.auctionguild.com/generic146.html |
|||
02-19-2007, 01:43 PM,
Post: #5
|
|||
|
|||
RE: eBay's security problems: Vladuz and account hijackings via redirect page on eBay
dimucci, ty for the article!
This is totally.........I can't find words. All owners of hijacked accounts should be aware that ebay is aware of this situation and can therefore be held liable. |
|||
02-19-2007, 05:00 PM,
Post: #6
|
|||
|
|||
RE: eBay's security problems: Vladuz and account hijackings via redirect page on eBay
Quote:All owners of hijacked accounts should be aware that ebay is aware of this situation Mass panic would ensue after Ebay made the announcement.
OAI Moron Hall of Fame
<i>sell-thru is an irrelevant and illogical consideration.</i> -KaRay, owner of WP giving selling advice, 2006 <i>the site was 'NOT' hacked but the little script that had recipes on had the link altered</i> -Plunderhere Owner Mark Taylor after his site was hacked by a Chinese hacker gang, 2008 Some people have it like that, others dont. I do. -Probidscripts owner Spencer Osama Binweb Laden Ray bragging about his ability to scam the OAI without feeling any guilt, 2008. How does an auction site get buyers? -question asked at PSU by owner of auction site BidBeaver.ca, 2008 How do I get sales? -question asked at PSU by online store owner, 2009. I was told by my Tech. Support that my site dont really need SSL.. his servers are well protected and that info your providing to join aint really top secret information -owner of auction site TheTraderOutlet.com discussig his site's lack of basic security, 2009 |
|||
02-22-2007, 09:42 AM,
(This post was last modified: 02-22-2007, 09:48 AM by mandy.)
Post: #7
|
|||
|
|||
RE: eBay's security problems: Vladuz and account hijackings via redirect page on eBay
Quote:Eagle-eyed conspiracy buffs have pounced on a recent rash of compromised eBay user accounts as proof of a mile-wide hole in the auctioneer's front lines, giving new life to a theory that could one day rival the intrigue surrounding Roswell UFO crashing and Kennedy assassinations... full article: http://www.theregister.co.uk/2007/02/20/...onspiracy/ Letters to the editor: http://www.theregister.co.uk/2007/02/22/...y_letters/ |
|||
02-22-2007, 01:43 PM,
Post: #8
|
|||
|
|||
RE: eBay's security problems: Vladuz and account hijackings via redirect page on eBay
Auctionbytes:
Quote:eBay spokesperson Hani Durzy told AuctionBytes on Wednesday that at no time did the fraudster have access to any member's personal or financial information. Durzy said a Romanian had obtained access to a handful of email accounts from some customer service representatives. The only information he had access to was information contained in emails, which did include some screenshots of some backend tools, Durzy said. Email servers are kept separate from servers hosting member data, he said... full article: http://www.auctionbytes.com/cab/abn/y07/m02/i22/s03 |
|||
02-23-2007, 09:54 AM,
(This post was last modified: 02-23-2007, 11:10 AM by mandy.)
Post: #9
|
|||
|
|||
RE: eBay's security problems: Vladuz and account hijackings via redirect page on eBay
more from TheRegister:
Quote:A hacker has once again managed to pilfer eBay credentials that allow him to masquerade as an official company representative even as he taunts eBay officials on the company's message boards. It's at least the second time the person going by the name Vladuz has pulled off the prank, which is causing many users to question the adequacy of eBay security... full article: http://www.theregister.co.uk/2007/02/23/...kes_again/ EDIT: Some morons are actually cheering the hacker's crimes. The criminals at the CAPP forum (a cyberstalker infested pit) have taken time out from their daily routine of stalking eBayers and committing auction interference to cheer the hacker in his cyberterror campaign of identity theft and fraud. |
|||
02-23-2007, 08:47 PM,
Post: #10
|
|||
|
|||
RE: eBay's security problems: Vladuz and account hijackings via redirect page on eBay
You left out the words 'low IQ' and 'braindead'.
"Well, Jay was so giddy that someone named Jay was involved with this site we posted our first non-eBay listing in 3 years here at Lunarbid (we tried two items at Yahoo once upon a time, they bombed)" -Marie posting in a LunarBid thread at OTWA in 2005 wins the award for 'most moronic reason ever given for choosing a venue"
"thanks twat u must have nothing better 2 do. do u talk to all your members like that. will not be recomending your site. best way to put it is TULIPTOOLS.COM IS REALLY SHIT. DONT JOIN." -pubescent owner of rinky dink off2auction.com in 2011 |
|||
« Next Oldest | Next Newest »
|
Users browsing this thread: 1 Guest(s)