Ebay majorly hacked and compromised

www.mirror.co.uk...=full%26objectid=18642129%26siteid=89520-name_page.html

CROOKS have hijacked hundreds of sales of luxury items from online auction giant eBay.

The villains hacked into accounts of sellers and - by editing their web pages - asked buyers to contact a private email address to "buy now" at bargain prices.

It was last night feared that hundreds of buyers had been duped into sending large amounts of money over the weekend to crooks pretending to be sellers.

blog.auctionbytes.com.../pl/2007/2/1171726205.html

A list of eBay sellers containing names, addresses, and user names and passwords was discovered online this week. On Tuesday, eBay users began buzzing about the list in a thread entitled, "Is eBay like the Titanic" on the eBay Trust & Safety board, with someone including a link to the list.

eBay removed the link, according to eBay spokesperson Hani Durzy. "The link was taken down for obvious reasons. The boards are not to be used to promote illegal activities," he said. But the remaining posts made it clear users remained concerned and angry.

For unknown time length, a list of ebay sellers appeared on a website showing personal contact information as well as usernames and passwords. The list was about twelve hundred pages long.

If any of you use ebay, it is highly advisable for you to go directly to ebay's site (do not click on any links anywhere) and change your password.

Ebay's site security has long been questioned. Seller accounts have been hacked for years despite ebay's claims of a secure site. Ebay tends to cover up anything that may affect stock prices. One thing that has been going on for at least several months is that a hacker will create a listing on the ebay site itself with code embedded in it that causes a user to log in. Since the listing is on the ebay site itself, and ebay itself makes users log in often, ebay users tend to find out after damage has been done that their information was stolen. Ebay claims it is not their responsibility.

WOW!
I just listed some things on Ebay.
Thanks for the information.

GRRRRRRRRRRRRRRRRRRRRRR!!!. I say a long grrrrr because this is not new. Its been happening for the last 3 months in the home audio section every other night. I started tracking it back at the end of November. I sent email after email telling ebay about this the first night it started happening, I think the first night I saw it happen I counted about 700 hacked accounts for stereo Hi-FI items ranging in retail price from$2000 all the way up to $50,000. I emailed ebay so many times about this and they did nothing or they were very slow to respond. Ebay should be sued for this because they were slow to reacte and they knew they had problems. I have the emails to prove it also I tryed calling them, and even made a half ass atempt to contact a News Agency. This is basically how it went down.

Some one tracked for months and months very expensive HI FI audio purcheses on ebay. They some how copied all the acounts into a database. Than they used a program that makes mass edits to multiple items. All the old info was used for the items with the exception that every item was a buy it now. Unfortunatey the buy it now was to good to pass up, and with only 24 auction for every single item they dissapered as fast as they were put up. The catch was though if I remember correctly that you had to contact the seller to end the auction and than they would set up a paypal payment through emails this was as far as I went. I feel sorry for all those people that went further. Any users that had there account hacked didn't know it if they were not checking there ebay accounts every 24 hours. I spent allot of time messaging buyers to let them know what was happening to bad Ebay didn't.

[edit on 19-2-2007 by mindrewind2002]

come to think of it I may have some email exchanges with ebay that may have
potential legal implications -lawsuit

[edit on 19-2-2007 by mindrewind2002]

Yes, it's actually been going on for at least over a year now.

Last year I discovered something else. Another way to hijack someone's account that still exists even though ebay is well aware of it. I will not post it here because it would help would be hackers who have not discovered it yet. I am not into that aspect of computers at all, yet I was able to do this. Someone else who knows how to create hacking programs would have no trouble figuring it out.

Ebay does not care about its users. Ebay management has shown this in its actions over the years. The customer support is zilch or near zilch.

I agree.
It serves eBay right, this has actually done them a favour (as well as the free exposure) they may wake up now and secure their system.they could also vastly improve their customer service, which for a multi-billion dollar company, is utterly diabolical.The selling of fake,stolen or 'dissapearing' items on eBay is totally out of control,and they simply don't police their own site for such...
Well done whomever!.

Anyone up for a joint lawsuit???? You know if a couple people in the government can discredit all are theories on these forums among the general population whats keeping a couple of us average Joes from taking down Ebay with a little propaganda and legit email campaign?

[edit on 20-2-2007 by mindrewind2002]

[edit on 20-2-2007 by mindrewind2002]

as an aside, a few weeks ago i received what i believed to be a suspicious email from ebay which i forwarded to their spoof@ebay address to be checked for authenticity. they replied back saying yes it was a dodgy email and to delete it straight away.

however, when i next logged into ebay. the very same message was sitting in my message box.. ie it was a legitimate ebay email.

i sent them a rather sarcastic email asking if they ever actually bothered to check the things sent to the spoof@ebay address and if they did, why did they tell me one of their emails was dodgy and to delete it straight away. im still waiting for a reply

Some of the spoof/phishing/pharming e-mails end up in ebay's my messages box too. That's how insecure their system is!

I have long thought that someone inside ebay was behind these e-mails/hackings. I have very good reason to think so too.

I was once a ladderop and saw things there that you all would never believe. The inside people would hack their customers' computers and then brag about it in the private message boards designated for the ladderops. It was while working for this site that I met the man from Pakistan. He was a tournament director.

That was just a gaming ladder and it was that corrupt. I have found over the years that the corruption gets bigger as an entity is bigger.

I hate ebay due to I logged onto my account from a different IP in a different country and of cause it feared I'd been hacked it changed my password automaticly. And it said it would send the new password to me in my emails inbox...yet it bloddy didn't.