Go to the Softpedia homepage


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
Home / News / Security / Spyware Threats

Spyware Threats

Extremely Dangerous eBay Attack in Progress

Spend your money on fake cars

By Bogdan Popa, Security and Search Engines Editor

15th of November 2007, 08:20 GMT

Adjust text size:


The email sent to the interested users
Enlarge picture
Why would you want to do that? I guess every user who visits eBay looking for a car wants all the information he requests in order to be sure the Jeep he buys is a not a fake. But a recently discovered
scam provides all kinds of information, including images and other type of content, but it actually aims to steal users' money through a dangerous Trojan. Here's how it works as it was described by the folks at Symantec: the attackers post auctions on eBay, selling cars just like any other registered member. "These auctions are not scams per se, but they are "legit" auctions that are used solely to attract potential victims-whoever asks a question or bids on these auctions becomes a potential victim", Liam OMurchu of Symantec wrote on the security vendor's blog.

After the auction expires, the attackers send messages to the interested users, informing them that the bid winner cannot pay and the car is available again through eBay. Once the victim opens the attachments, their computers get infected with a dangerous Trojan which will serve as a way to control their systems. "The Trojan connects to various Bayrob servers to receive configuration data and to notify the Bayrob controllers that the Trojan has been run. The Bayrob controllers do not continue with the scam of that particular user until they have received notification from the Trojan that it is installed and working correctly on the user's machine", the Symantec representative continued.

But this is the moment when the entire dangerous exploitation starts. It seems that the Trojan horse gives full control over the affected systems to the attackers. From now on, every new page corresponding to an ID included in the email returns a fake page to the user. That's why the infected computers are going to display fake eBay auctions and what's more dangerous, fake users' profiles which contain false feedback in order to convince the potential buyers that the seller is honest and he doesn't attempt to conduct money fraud.

At this time, there is no 100 percent efficient solution to avoid bidding in a fake auction, but you are advised to install a powerful antivirus as well as a firewall in order to block the access to the dangerous websites. To find all the malicious links to be restricted as well as more information about the scam, please read the full Symantec blog post available here.

TAGS:

 ebay | security | fraud | trojan | money


Rating:
Good (3.4/5) 5 vote(s) so far    

Read by 716 user(s) | Add comment | Link to this article
Subscribe to news | Print article | Send to friend

© Copyright 2001-2008 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


eBay under Hacker Attacks

eBay Starts The War Against Google

eBay and Yahoo Roll Out New Toolbar

eBay Attacked by Hackers

You Can Get Anything from eBay, Even Years in Jail!

Hackers Attack, eBay Responds!

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 






SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and the Softpedia™ logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive