TulipTools Internet Business Owners and Online Sellers Community

Quote:Miscreants have unleashed a new strain of a sophisticated Trojan that targets eBay users by feeding them spoofed web pages containing fraudulent information about high-ticket purchases, The Register has learned. It has already contributed to an $8,600 loss by one eBay member.

The Trojan installs a scaled-down webserver on an infected machine that masquerades as eBay and several third-party destinations frequently used to sniff out fraudulent offerings, including Carfax.com, Autocheck.com and Escrow.com.

When a victim browses to one of these sites, the webserver creates a parallel universe of sorts, in which the victim sees counterfeit pages designed to counter fraud protection mechanisms offered by eBay and third-party sites...

Quote:Yet another sophisticated Web-based attack against eBay and its users is being investigated by a Tel Aviv-based security vendor that discovered a similar attack two months ago involving a custom-made bot designed to steal accounts.

Ofer Elzam, Aladdin Knowledge Systems' director of product management, says his firm has determined in the last few days that at least two Web sites, one called Save Our Planet and another called Nova Radio, appear to have been compromised with malicious code that combines to launch an attack against a site visitor. The goal of the attack is to combine code to break in through the browser to the victim's desktop and install a Trojan to collect eBay user account information, if it's found, and connect to eBay to use that account information to commit fraud.

"There are a chain of sites that work together," says Elzam. "One Web page uses a trick with JavaScript to open a size-zero window, which takes content from a third-party site."...