Romanian Detained Over eBay Cyber Fraud

Romanian detained over a $3 million cyber fraud against eBay Inc.

Very interesting article from abc news:

Romanian authorities have detained a man suspected of committing cyber fraud worth $3 million against the company eBay Inc.

Organized crime prosecutors say Liviu Mihail Concioiu is being investigated for “phishing” attacks against 3,000 of eBay Inc. employees.

They said Thursday that Concioiu allegedly stole the employees’ IDs and passwords in 2009 and accessed company files, including an application with the data base of eBay clients and their transactions. Concioiu then used “phishing” sites to access the accounts of about 1,200 eBay users.

It would appear the ebay database has been hacked, cracked, and zombied AGAIN.

(or is that still?)

Also notice how the term ‘phishing’ is constantly used.  ebaY doesn’t like the “H” word it seems. But “phishing” alone does not get you access to the files and data described. We call that “HACKING

rotflmao! Who could imagine?

It also tells us that ebay employees must not be too savvy if they are falling for whatever tricks are being used to gain the logins etc.

No mention of any response from ebay.

With IT’s long and repeated history of such events, you should ask yourself whether you trust this unsafe outfit with your personal and financial data?

Who could imagine?

The long uncorrected xss flaw rears it’s ugly head again!

Auctionbytes reporting that has again discovered listings with the malicious coding, this time with a virus twist.

The most important and telling quote of the article:

“They used javascript and java to address a known vulnerability; user’s computers were affected by just viewing the respective listings,”

See that part about “…just viewing the respective listings…” ?

That is one of the main reasons I advocate avoiding ebaY at all costs. Another is that they BLAME the USER for their own failures! Furthermore, they refuse to correct the flaw! Make no mistake, ebaY is a dangerous, untrustworthy, and dishonest website. Of that there is proof beyond the slightest shadow of a doubt!

ebaY is HACKED! Yes! ebaY is still HACKED!!!

Here is the report, with screencapture images, in English at falle-internet

My research indicates this issue has been onging at ebaY for about 10 full years now. Perhaps not under the same name, but indeed cross-scripting has been exploited on ebaY since before it even had that name. Ebay has been aware of the issue for that long also.  Since looooong before the US-CERT warning was posted. Bear in mind there are many variants of this exploit possible to use. It’s been used also for the redirects, and for cookie-stealing etc. The possibilities are only limited by the hacker’s imagination and ebay’s steadfast refusal to secure it’s festered site

I’ll be posting another video demonstrating the +/- 10 year longevity of the xss flaw on ebaY before long at the Cappnonymous channel

Very interesting article by Bruce Schneier in yesterday’s Wall Street Journal.

Reminds me of a so-called “Glitch” which occurred with PayPal not long ago and was rumoured to have been the result of malicious coding by a disgruntled employee facing layoff.

Thwarting an Internal Hacker

Rajendrasinh Makwana was a UNIX contractor for Fannie Mae. On Oct. 24, he was fired. Before he left, he slipped a logic bomb into the organization’s network. The bomb would have “detonated” on Jan. 31. It was programmed to disable access to the server on which it was running, block any network monitoring software, systematically and irretrievably erase everything –and then replicate itself on all 4,000 Fannie Mae servers. Court papers claim the damage would have been in the millions of dollars, a number that seems low. Fannie Mae would have been shut down for at least a week.

Luckily –and it does seem it was pure luck – another programmer discovered the script a week later, and disabled it.

Insiders are a perennial problem. They have access, and they’re known by the system. They know how the system and its security works, and its weak points. They have opportunity. Bank heists, casino thefts, large-scale corporate fraud, train robberies: many of the most impressive criminal attacks involve insiders. And, like Makwana’s attempt at revenge, these insiders can have pretty intense motives – motives that can only intensify as the economy continues to suffer and layoffs increase.

Insiders are especially pernicious attackers because they’re trusted. They have access because they’re supposed to have access. They have opportunity, and an understanding of the system, because they use it – or they designed, built, or installed it. They’re already inside the security system, making them much harder to defend against.

read more

Update: 09-2-2007 =/- 16:30 PDT.

More Hacking kits found on ebay…

Online auction site, eBay, is unwittingly selling software that is used to hack eBay user accounts and steal personal information, according to research from online security experts PC Tools.

A number of software items for sale on the worlds leading online auction site contain a variety of programs including keyloggers, trojans and other malware making devices that are aimed at helping users hack computers, websites and even individual user accounts.

Despite eBays excellent reputation for ensuring that it protects both consumer safety and privacy, its almost impossible to police every item, said Mike Greene, VP Product Strategy at online security experts PC Tools.

I am certain that the sale of this sort of software on eBay comes as a surprise to most, but the success eBay has also meant that the worlds leading online auction site can also attract the wrong kind of attention, said Greene.

It is ironic that something intended ultimately to steal a consumers identification and financial information is being sold via what is one of the worlds number one targets for the ID theft, said Greene.

continues, with url of now invalid listing.

screen capture of the invalid item page, 640 pixels wide.

Click here for a full sized view

Following a search for the exact terms found in the article,


I quickly located a listing with that exact title.

Here I have a screen capture of what appears most likely to be an identical item for sale

For a full-sized view, click here.

Here is the screencap of that search, in 640 width

For a full sized view, click here

Note a couple of the hilarities such as payment via Paypal and the Square Trade seal.

The seller’s feedback is 100%, so he/she must have some very happy buyers.

Further, whoever wrote that article seems to be a bit out of touch with the sad facts.


09-19-2007 +/- 19:30 PDT

I have located what appears to be the original listing mentioned in the article in Google cache. Here 360 pixels wide. remove _360 to see it full size.

Hacking&Cracking programs best on ebay!

read more | digg story

These data are used to send users a fake “second-chance offer” to get money out of them.

German consumer protection site reports that fraudsters have found a new trick (German text with screen shots) to cheat eBay users by exploiting functionality of the eBay API to gain access to customer data in the eBay database. The eBay API is available to sellers and external service providers and the members’ names must be known to be able to use them.

Translated article from right here

Be sure to visit the link, for complete screen captures and report

If you follow the links in that report, or directly above, the translation link, you will find this nice little quote:

“One accesses directly the eBay data base, because even data of member accounts freshly put on are immediately observable. Tests show that also the members of the eBay management are not protected before the data selection:”

Well.. well… this all has a very familiar ring to it, yes?

Perfect time to point everyone back to last year when the überhacker Vladuz incidents first began.

The so-called “SCO Helper” with the infamous screencaps.

More on that here, and also here, further here

Then follow the trail all the way forward through time.

Ebay is HACKED! Eaten alive from the inside out.

The worms of this apple are feasting. For how much longer until it is nothing but a rotten core filled with writhing maggots?

Allthewhile management denies they have problems?

Meanwhile, each & every person whom visits the site or attempts to conduct any business there is at risk

There have been too many curious events occurring upon ebay for any reasonable person to believe other than the hackers have fee run of the entire inner workings. Regardless of what they say. As we have seen, the ebay record for honesty and truthfullness is dismal at best. As is their record for fair play.

I myself have documented at least 3 cases now of hijacked accounts wherein the accounts became NARU, and the hackers KEPT on listing. Including one episode, documented (sarcastically) on live video even, where the hacker actually somehow resurrected the account then came back from being NARU to continue listing fake items.

Looking around a bit, I see that , or similar events have been reported a few times now. Yet consumers are not being made aware of the troubles, nor are the problems being corrected. They are getting worse and worse.

Boycott ebaY & paypal!

read more