However, as shown in the video, this is nothing all that new…

For best results you’ll want to go to YouTube or expand to fullscreen.

Fake eBay Security Shield Phishing Attack & Malware Ongoing Since November 2009

On April 1st, 2010, the Red Condor Security blog published an alert regarding a phishing attack on ebaY, said to be hosting trojans and/or other executable malware on ebaY’s own servers.
Cappnonymous demonstrates that the attack, and/or variant(s) thereof, has been ongoing since at least November 2009, and/or through more than one vector.

Pages/threads seen here:

Phishing Attack Posing as eBay Security Alert

Re: ebay procedural warning – Excuse Me ???

Malware showing up in eBay today JS:Pdfka-OE

Re: trojans on ebay site…beware (live page) results for :

AboutMe page used to host malicious download link

Properties of malicious/compromised AboutMe page

Virustotal results for :
from 11.08.2009 @ 15.22.23

Update, 05.26.2010

In case no one was paying attention, the file JS:Pdfka-OE you see mentioned in the video as being a false positive by a pink has turned out to be a genuine exploit from the looks of things.

It now shows as malicious on half the major virus scanners via So anyone who took eb’s advice got owned.

Still, no announcement, no retraction, update, clarification… no nothing from eb?
I wonder why that is? After all, it’s only literally millions of people’s lives potentially ruined?

I can’t stress this enough: the file was, and likely still is, being hosted on ebay’s very own servers, along with the other ‘security shield’, which is still being found on AboutMe pages.
