eBay users endangered by Trojan-fuelled botnets
September 12, 2007
Internet security researchers from many parts of the world have discovered a sophisticated botnet targeting eBay users, particularly those in the U.K. First identified on Sep. 5, the botnet attackers use a sophisticated Trojan to infect Internet surfers that visit some of the hacked web sites.
The botnet then uses compromised computers and PCs to mount a sophisticated distributed attack on eBay accounts, in an effort to illegally get personal financial information.
The brute force attack also attempts to alter settings in order to place sold items in the wrong hands. For its part, eBay did say that systems it already had in place limit the impact of the attack.
The online auction house said it is working together with Internet security firms everywhere to protect users against the latest assault, which is based on 'brute forcing' techniques that have been "built into bots for years".
"This is a technique we are well aware of (it isn't new) and eBay has many systems in place to detect this type of activity. Our systems detect brute force as well as cross site scripts, and actively monitor for account irregularities," eBay said in a statement.
"eBay has analysed the malware related to this particular botnet and provided information to the major anti-virus vendors, including McAfee, Panda and NOD32, who have already provided protections to their customers. Other Anti-Virus vendors are expected to incorporate these protections as soon as possible."
The auction giant added that while it has taken steps to make its systems secure, users also need to play their part in keeping their systems secure. "Overall, eBay’s online security team also has specific programs in place that constantly evaluate known botnets and track how they evolve so we can proactively limit their ability to impact our site and our community of users. On the other side of the equation, it is critical for internet users to maintain their anti-virus software and use a personal firewall. eBay obviously cannot prevent general online attacks from taking over an individual’s personal PC," it said.
The company added "eBay does not display sensitive financial information, so if a user’s computer and their sign in credentials used on eBay are compromised through whatever means, their sensitive financial data is still protected, reducing the possibility of ID theft.
"As for eBay’s servers, members can be assured that their information is secure; no one has ever 'broken into' one of our servers and stolen information," it added. Researchers at Israeli security firm Aladdin Knowledge Systems agrees that hundreds of popular Web sites, regardless of local language or geography, might still be infecting some visitors.
As well as a 'brute force' assault the hackers behind the attack are also using phishing techniques. Cybercriminals have set up a variety of phishing sites in a bid to give themselves quicker access to an even larger number of accounts.
Aladdin researchers say a high percentage of the threat’s efforts are targeted specifically at UK-based eBay account holders. The Trojan appears to separate its handling of accounts, distinguishing between accounts inside and outside of the US.
Ofer Elzam, director of product management for the Aladdin eSafe Business Unit says "through new infection and attack methods, this targeted threat shows that Trojans are continuing to evolve into extremely dynamic, adaptive tools for online criminals, resulting in a potentially damaging aftermath for its individual victims."
Source: The Register
Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.
You can link to the
Internet Security web site as
much as you like. Read our section on how your company can participate in our
reciprocal link exchange program
and increase your rankings
in the major search engines such as
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet Security.ca is listed in
Global Business Listing