Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ebay Hacked, User Info Posted

Posted by CmdrTaco on from the hate-when-that-happens dept.

An anonymous reader writes "This morning a hacker posted the personal contact information and credit card data of 1,200 ebay users on the eBay.com Trust & Saftey forums. eBay pulled the Trust & Safety forums off line, but not before one user made a video of the hacked forums and posted it on youtube.com. eBay response is on the eBay chatter page, and seems to try and down play this "fraudster"'s activity."

3 of 242 comments (clear)

  1. hacked? by koogydelbbog · · Score: 3, Interesting

    are they sure ebay itself was hacked?

    i only ask because i had a better-than-usual phishing attempt this morning telling me my ebay account had been 'restricted' and it wouldn't be too hard to harvest 1200 passwords from the above without hacking ebay itself.

    email text:

    "A33 TKO NOTICE: Restricted Account Access

    We have taken steps to secure your eBay account, including review of your
    personal information and placing a temporary restriction on your account. Any
    activity has been cancelled and any associated fees have been credited to your
    account. We assure you that your credit card and bank details are stored on a
    secure server and cannot be viewed by anyone.

    Your account is currently blocked from listing and bidding on items, and from
    sending email through Ask Seller a Question or Contact eBay member. To restore
    full access to your account, please follow the instructions in this email."

    login to your account link was:
    http://us.ebayobjects.com/2c;13012399;10693575;h?http://61.9.146.244/signin.ebay.co.uk/ws/?eBayISAPI.dll?co_partnerid=2&siteid=0&UsingSSL=1

    ie it had a susipicious 2nd address in url, one which resolves to australia

  2. WHAT HAPPENED: Fradulent Items on eBay by N8F8 · · Score: 4, Interesting

    I'm betting that this is the other half of the story: Last night I was looking through microphones in the Pro Audio category and there was an ad with a nude chick at the top (the slot you pay extra to get you item posted to). When I clicked on the ad the FF eBay toolbar popped a warning that I was beign redirected to a fake eBay site to log in. I'm betting 1200 people didn't have the toolbar towarn them.

    --
    "God fights on the side with the best artillery." - Napoleon, Marshal of France - speaking truth to power
  3. Re:Fraudster? by billcopc · · Score: 5, Interesting

    Anyone who's ever submitted such "well-intended" reports, sometimes they get a "thank you" and the problems get fixed, but more often there is resistance and hostility. Now this is pure speculation, devil's advocate if you will, but what if the hacker had already tried to contact eBay and was rebuffed, or perhaps he (or his client) was the victim of fraud as a result of eBay's poor security and this was retaliation.

    Sometimes, when someone doesn't listen to your kind advice, you have to make them listen.

    --
    -Billco, Fnarg.com