NOW READ THIS
("Security Advisory")
Submitted by: Bill Hickey
NCVA List Master
NRT-0294 Botnet Steals eBay Accounts:
A Tel Aviv-based security company said online auction site eBay has been targeted by identity thieves, who are wielding a botnet that uses brute force to uncover valid account log-in information. The researchers at Aladdin Knowledge Systems say the attacks against eBay may have started as long ago as early August. According to the product manager of Aladdin's eSafe threat-protection line, the brute-force attacks are launched by a large botnet that identity thieves have built using a sophisticated, multistage campaign that begins with compromised legitimate web sites. The botnet is being used to call an eBay application programming interface (API) with pairs of possible usernames and passwords. The API allows the Trojan horse-infected PC to communicate directly with the eBay database using XML-formatted code. If the database contains the username-password pair, it responds; the Trojan horse notes the response and later transmits it to a hacker-controlled server. With enough username-password combinations, the criminals can uncover a limited number of real credentials.
(ComputerWorld 04SEP07)
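
Because the guessing described above is spread across many infected PCs, a failure counter kept per source address may never trip. The Python below is an added example, not taken from the ComputerWorld report, Aladdin or eBay: the log fields, thresholds and sample events are assumptions constructed here. It compares a per-IP lockout with an aggregate check over an API login log, then lists accounts whose successful login came from a flagged address.

```python
from collections import defaultdict

def build_sample():
    """Constructed events: (epoch_seconds, source_ip, username, success)."""
    events = []
    # 40 bots (documentation-range IPs), each trying 3 different usernames.
    for bot in range(40):
        ip = f"198.51.100.{bot + 1}"
        for k in range(3):
            hit = (bot == 7 and k == 1)  # one guess matches a real credential
            events.append((bot * 7 + k, ip, f"user{bot * 3 + k}", hit))
    # Ordinary users: one mistyped password, then a successful login.
    for n in range(5):
        ip = f"203.0.113.{n + 1}"
        events.append((n * 50, ip, f"alice{n}", False))
        events.append((n * 50 + 10, ip, f"alice{n}", True))
    return sorted(events)

def per_ip_lockout(events, max_failures=5):
    """Classic control: flag any single IP with more than max_failures failures."""
    fails = defaultdict(int)
    for _, ip, _, ok in events:
        if not ok:
            fails[ip] += 1
    return {ip for ip, n in fails.items() if n > max_failures}

def distributed_guessing(events, window=300, min_ips=20, min_users_per_ip=2):
    """Flag IPs when many of them fail against several usernames in one window."""
    buckets = defaultdict(lambda: defaultdict(set))
    for ts, ip, user, ok in events:
        if not ok:
            buckets[ts // window][ip].add(user)
    suspects = set()
    for ips in buckets.values():
        sprayers = {ip for ip, users in ips.items()
                    if len(users) >= min_users_per_ip}
        if len(sprayers) >= min_ips:  # a crowd of low-volume guessers
            suspects |= sprayers
    return suspects

def accounts_to_reset(events, suspects):
    """A success from a flagged IP is likely a guessed credential."""
    return {user for _, ip, user, ok in events if ok and ip in suspects}
```

On the constructed data, each bot stays under the per-IP limit while the aggregate check flags all of them and leaves the ordinary users alone.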
Last Modified: Saturday, 08-Sep-2007 08:11:21 EDT