At the Technical Issues forum on ebaY there is a thread: Warning: Something’s Not Right Here! contains malware.

Here’s the pertinent text:

Never had this happen before, but I was looking at a list of listings for jackets and when I clicked on one of the auctions I got the below message. Now i’m paranoid

Warning: Something’s Not Right Here! contains malware. Your computer might catch a virus if you visit this site.Google has found malicious software may be installed onto your computer if you proceed. If you’ve visited this site in the past or you trust this site, it’s possible that it has just recently been compromised by a hacker. You should not proceed, and perhaps try again tomorrow or go somewhere else.We have already notified that we found malware on the site. For more about the problems found on, visit the Google…

(Followed by a long link of [snipped] gibberish text.)

Sure enough if you go to the link supplied there by the original poster, you’re met with a Reported Attack Site page. Click to enlarge, opens in new tab or window

ebay reported as attack site

This is hardly the first such warning for ebay. They’ve been showing malware, drive-by downloads, trojans and assorted exploits present on ebaY for a long time now at Google’s Safe Browsing page for At this very moment Google shows:

What is the current listing status for

This site is not currently listed as suspicious.

Part of this site was listed for suspicious activity 40 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 361401 pages we tested on the site over the past 90 days, 134 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2012-08-22, and the last time suspicious content was found on this site was on 2012-08-20.Malicious software includes 10 scripting exploit(s), 10 trojan(s).

Malicious software is hosted on 28 domain(s), including,,

37 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including,,

This site was hosted on 37 network(s) including AS11643 (EBAY), AS4436 (AS), AS20940 (AKAMAI).

I posted a short  video demonstrating this risk last fall. Since then there hasn’t been a single day that ebaY showed malware free.

Then there’s also the grandaddy of them all, the long uncorrected ID stealing xss flaw. Thirteen years now? roflmao!

Make no mistake, the risks along with the consequences are real. In short, if you even land on one wrong page at sleazebay, you’ll spend years cleaning up the mess.

Do you trust this outfit? How can anyone?

The only good reason to visit the ebay site is to close your account if you haven’t done so yet. Don’t forget, ebay’s stated policy is to blame the victims of fraud.


Readers here may want to see this

Antitrust Monopoly Suit Claims eBay Squeezes Out Small Sellers

Monday, December 20, 2010

Courthouse News Service – Bridget Freeland

SAN JOSE (CN) – An antitrust class action claims that eBay abuses its monopoly of online auctions to force out small sellers through new, discriminatory policies that favor eBay’s larger sellers – and can subject small sellers to “feedback extortion.” Because a few negative comments from buyers can get small sellers kicked out of eBay, “unscrupulous buyers are using this power of … rating to force sellers to provide them items and services which are over and above what they have paid for,” according to the federal complaint.

The class claims that “eBay controls in excess of 90% to 98% of the online auction market,” and is “currently ranked as the 16th most popular Web site on the Internet.”

It says eBay is abusing its monopoly power by implementing an unfair and discriminatory policy that is “destroying the business and livelihood of many well established, small eBay auction sellers.”
eBay recently has subjected sellers to strict rating regulations and unfairly suspended or closed their accounts without grounds – destroying people’s businesses and livelihood, according to the complaint.

The class claims that beginning in May 2008, eBay implemented a “Detailed Seller Ratings Policy” (DSR) allowing buyers to rate sellers’ services “on a one to five star scale,” based on the accuracy of the item description, communication with the buyer, shipping speed and charges. This year eBay modified its rating policy, adding requirements that “undermine the ability of small auction sellers to compete with larger sellers,” according to the complaint.

The class claims the new policy severely limits the number of low ratings that a seller can receive and stay active.

“Specifically, defendant eBay now mandates that starting October 2010, all eBay sellers will need to have 1s or 2s for item as described on no more than of 3.00 percent of transactions, and on no more than 4.00 percent for communication, 4.00 percent for shipping time, and 4.00 percent for shipping and handling charges,” the complaint states.

Many sellers who have feedback ratings of 90 to 100 percent “now have restrictions on their accounts or have had their accounts permanently disabled due to low DSR ratings,” the class claims.

When a seller’s account is restricted due to low ratings and the listings are removed from eBay, “a seller is accorded a specific time period in which to rehabilitate his or her DSR ratings,” the complaint states.

But the class claims that this “rehabilitation” is almost impossible if the seller is not allowed to sell products on eBay.

The policy also leaves “sellers vulnerable to feedback extortion,” the complaint states.
It continues: “Just a few negative DSR ratings can destroy a seller’s goodwill and impose severe limitations on the seller’s account. Many unscrupulous buyers are using this power of DSR rating to force sellers to provide them items and services which are over and above what they have paid for.”

The class claims that the “one to five stars” rating system is misleading, in that most consumers would consider “a rating of three as average, and a rating of four as good, with five being excellent.”
A fully satisfied buyer might rate the seller’s services as a four, which is actually low on eBay’s standards, since a seller must “maintain a DSR average of 4.3 to freely operate on eBay,” the class claims.

It claims the ratings are anonymous and that eBay has no mechanism in place to keep competitors from “artificially lowering” a seller’s rating.

Also, the class says, “large sellers are often exempt from DSR penalties that small sellers are subject [to] and/or have a much greater chance of rehabilitating their DSR rating due to the volume of transactions which they conduct.”

Therefore, the class claims, “eBay assumes that larger sellers are more dependable than the small sellers, giving them an arbitrary preference.”

The named plaintiffs – Max Garon, Phil Lentsch, Office Dynamics, Amy Rickel, Fred Rickel and Ben Guz – are all longtime sellers on eBay; all claim their accounts were suspended for no good reason.

Rickel says she tried to sell iPhones on eBay after she ordered them from another seller, though she never actually received them and ended up giving her customers refunds. After she bought another set of iPhones, received them and posted them for sale, eBay unfairly banned her, deemed her “a threat to eBay security” and refused to communicate with her, she says.

eBay then closed her husband Fred’s account – which he used to sell neckties – without explanation, though he had 100 percent feedback rating, the Rickels say. They claim that eBay sent an email to all of Fred Rickel’s clients informing them that he too was “a threat to eBay security.”

“The email went on to say that if the customers wished to receive their money back, even if they had already obtained their purchased item, they could fill out an attached form and the money would be automatically debited from plaintiff Fred Rickel’s PayPal account,” the complaint states.

Garon, who grossed more than $300,000 a year selling “articles relating to the dog training industry,” says eBay unfairly shut down his account after unexpected delays in shipping caused his ratings to drop below 4.3.

Due to eBay’s unfair practices, buyers are forced to pay inflated prices because large sellers no longer must compete with small sellers, who will have no incentive to enter the market for fear that they will be shut down, according to the complaint.

The class demands damages and restitution from eBay for violations of the Sherman Act, unfair competition, tortious interference, trade libel, unjust enrichment and negligence.

The class is represented by Marina Trubitsky of New York, N.Y.

Romanian Detained Over eBay Cyber Fraud

Romanian detained over a $3 million cyber fraud against eBay Inc.

Very interesting article from abc news:

Romanian authorities have detained a man suspected of committing cyber fraud worth $3 million against the company eBay Inc.

Organized crime prosecutors say Liviu Mihail Concioiu is being investigated for “phishing” attacks against 3,000 of eBay Inc. employees.

They said Thursday that Concioiu allegedly stole the employees’ IDs and passwords in 2009 and accessed company files, including an application with the data base of eBay clients and their transactions. Concioiu then used “phishing” sites to access the accounts of about 1,200 eBay users.

It would appear the ebay database has been hacked, cracked, and zombied AGAIN.

(or is that still?)

Also notice how the term ‘phishing’ is constantly used.  ebaY doesn’t like the “H” word it seems. But “phishing” alone does not get you access to the files and data described. We call that “HACKING

rotflmao! Who could imagine?

It also tells us that ebay employees must not be too savvy if they are falling for whatever tricks are being used to gain the logins etc.

No mention of any response from ebay.

With IT’s long and repeated history of such events, you should ask yourself whether you trust this unsafe outfit with your personal and financial data?

As I mentioned in the last post I made here, I’ve uploaded a quick video proving the XSS, cross-scripting, ebayla bug, ebayla virus… javascript exploits by any name have persisted upon the ebaY site for over a full decade. Over 11 years.  Since before the term “XSS” was even born. Ebay has been aware of the issues that long.

Not only that, but they have reversed previous high-visibility public announcements of plans to control the use of active scripting content. In short they went back on their word and more-less buried the announcement thereof.

For best results view at youtube or expand to full screen. There is a complete url list of the pages seen in the video description area there.

I think the video says it all.

Do you trust this outfit with your financial and personal data?

Sure looks that way.

Cut to the quick here at the forum, and/or here at the law firm’s site, see and read a little more about it here.

That is all.

Consumerist has a hilarious ebaY related article.

Scammers and/or hackers have set up fake ebaY customer service chat sites. They almost seem to be better than the real thing.

Reading the actual chat transcript it also would seem the scammer-hackers have some way into various parts of ebaY not accessible to the rest of us.  We’ve recently seen the hackers using ebaY APIs to authenticate ebaY logins, as seen in the redirect scam videos.

Furthermore, the real ebaY customer service reps have given very bad advice time and time again

However, as always, there is more to it. Recently Doc of captured a segment on live screenrecorded video concerning the same or very similar issue. He also uncovered quite a few bogus ebay live help and/or ebay livechat and associated  look-alike domain names.

Oh but wait! There’s even more!

That’s right! You see, has had an uncorrected xss flaw since at least October 2007.

No wonder ebaY hides the link for livehelp so well. roflmao!

So again, remember, the entire ebaY-Paypal universe is WRITHING and CRAWLING with pure FRAUD and should be avoided at all costs!

BTW, In case anyone was wondering, YES, the ‘real’ ebaY customer service is a robot, or bot:

I AM DONE WITH EBAY ~ Robots with fake names!

We don't need no stinking badges! LOL!

This is scary stuff while simultaneously a bit amusing.

“That little lock on your browser window indicating you are communicating securely with your bank or e-mail account may not always mean what you think its means.

Normally when a user visits a secure website, such as Bank of America, Gmail, PayPal or eBay, the browser examines the website’s certificate to verify its authenticity.

At a recent wiretapping convention however, security researcher Chris Soghoian discovered that a small company was marketing internet spying boxes to the feds designed to intercept those communications, without breaking the encryption, by using forged security certificates, instead of the real ones that websites use to verify secure connections. To use the appliance, the government would need to acquire a forged certificate  from any one of more than 100 trusted Certificate Authorities.

The attack is a classic man-in-the-middle attack, where Alice thinks she is talking directly to Bob, but instead Mallory found a way to get in the middle and pass the messages back and forth without Alice or Bob knowing she was there.

The existence of a marketed product indicates the vulnerability is likely being exploited by more than just information-hungry governments, according to leading encryption expert Matt Blaze, a computer science professor at University of Pennsylvania.”

“If company is selling this to law enforcement and the intelligence community, it is not that large a leap to conclude that other, more malicious people have worked out the details of how to exploit this,” Blaze said.

The company in question is known as Packet Forensics, which advertised its new Man-In-The-Middle capabilities in a brochure handed out at the Intelligent Support Systems (ISS) conference, a Washington DC wiretapping convention that typically bans the press. Soghoian attended the convention, notoriously capturing a Sprint manager bragging about the huge volumes of surveillance requests it processes for the government.

According to the flyer: “Users have the ability to import a copy of any legitimate key they obtain (potentially by court order) or they can generate ‘look-alike’ keys designed to give the subject a false sense of confidence in its authenticity.” The product is recommended to government investigators, saying “IP communication dictates the need to examine encrypted traffic at will” and “Your investigative staff will collect its best evidence while users are lulled into a false sense of security afforded by web, e-mail or VOIP encryption.”

Here is a comedy highlight:
“VeriSign, the largest Certificate Authority, declined to comment.”

Looks like SSL is shot to hell.

Read the entire article. Follow the links there. lol

Law Enforcement Appliance Subverts SSL