Custom botnet nicks eBay accounts

Interesting to read this week about a customised botnet attack that has been specifically designed to steal Netters' eBay accounts.

According to newswire reports, the attacks on punters' eBay accounts may have started as long ago as early August, although Aladdin, the IT security firm that discovered the problem earlier this week, says it was having trouble notifying eBay about the issue.

Doesn't everyone have problems contacting eBay? -Ed

Aladdin says that the brute-force attacks are being launched by a large botnet that the identity thieves have built using a sophisticated, multi-stage campaign that begins with around 300 legit, but compromised, Web sites.

These sites have been compromised through SQL injection vulnerabilities and have had IFrame attack code inserted into their main pages.

When a punter lands on the page, it then redirects them to one of several hacker sites, which load a trojan (or six) on to the hapless Netter's computer.

From then on, the punter's computer forms part of a giant botnet that uses a series of algorithms to generate assorted ID/password pairs and lob them en masse at the eBay application programming interface.

Nasty stuff - the bad news is that such is the scale of the botnet that eBayers will soon have to start using alpha-numeric passwords if they want to keep their accounts secure...
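For anyone defending a sign-in API against this kind of botnet-driven guessing, here is an added example (not from Aladdin, eBay or the original post) showing why a per-IP lockout sees nothing when each bot sends only a couple of guesses, while counting failures per account across distinct sources does. The log format, account names, addresses and thresholds are all constructed assumptions.

```python
from collections import defaultdict

def build_sample_events():
    """Constructed sign-in log: (unix_seconds, source_ip, account, succeeded)."""
    events = []
    targets = ["acct_a", "acct_b", "acct_c"]          # hypothetical account IDs
    # 60 bots, two guesses each, spread over three accounts.
    for bot in range(60):
        for guess in range(2):
            events.append((bot * 5 + guess, f"198.51.100.{bot + 1}",
                           targets[(bot + guess) % 3], False))
    # One forgetful legitimate user: four failures, then a success.
    for n in range(4):
        events.append((10 + n * 10, "203.0.113.7", "bob_k", False))
    events.append((50, "203.0.113.7", "bob_k", True))
    return events

def per_ip_lockout(events, max_failures=5):
    """Classic control: sources with more than max_failures failed sign-ins."""
    failures = defaultdict(int)
    for _, ip, _, ok in events:
        if not ok:
            failures[ip] += 1
    return {ip for ip, n in failures.items() if n > max_failures}

def distributed_guessing(events, window=600, min_sources=10, min_failures=20):
    """Accounts whose failures in one time window come from many sources."""
    sources, failures = defaultdict(set), defaultdict(int)
    for ts, ip, account, ok in events:
        if not ok:
            key = (account, ts // window)
            sources[key].add(ip)
            failures[key] += 1
    return {key: (failures[key], len(sources[key])) for key in failures
            if failures[key] >= min_failures and len(sources[key]) >= min_sources}

if __name__ == "__main__":
    log = build_sample_events()
    print("per-IP lockout flags:", per_ip_lockout(log))
    for (account, bucket), (fails, srcs) in sorted(distributed_guessing(log).items()):
        print(f"{account}: {fails} failures from {srcs} sources in window {bucket}")
```

The fixed time buckets keep the example short; a production detector would use a sliding window so a burst straddling a bucket boundary is not split in two.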