
9.13.07

04:20:13

The Evidence of Huge Problems is Piling Higher & Deeper


   You do not need to be a PhD to see that.  I think ebay has become the official laughingstock of the entire internet. A sort of online auction emperor/giant in IT's New Clothes.

PWN3D !

Let's start out this posting with a look at a couple articles.  First, let's look back at a headline:

Trojan-fuelled botnet menaces UK eBay users

By John Leyden
10 Sep 2007 11:34
Going, going, own3d

That is straight from google's cache of the story, along with the original text, and that headline was republished over and over. 
The last paragraph read:

 "eBay is yet to respond to our request for comment. The auction giant's safety tips microsite, which is full of useful advice on avoiding phishing attacks and other such scams, can be found here. ®"

  The story was apparently updated later that day or early the next day sometime, because now the sub-headline has changed, to:
 
Auction giant guards against attack

It looks to be almost a completely different article, and in it, ebay has responded.
 
  I find no mention of when the story was actually updated, nor when ebay finally responded. The published time & date displayed in the article header remain the same.

One quote I find of particular interest is this:

"As for eBay’s servers, members can be assured that their information is secure; no one has ever 'broken into' one of our servers and stolen information," it added.

  So, even though we know that by the time of that 1st publication with that original headline ebay had not responded, the revised article makes it appear that they had.
Interesting, yes?

  Let's look at that date again anyway:
September 10, 2007


  Now, let's look also to September 10, 2007, when we see another ominous headline, the announcement at the falle-internet.de site from Germany:

Data leakage with eBay -Cheats have entrance to the company-owned data base and to read member data out

here translated via google, and also here in the original language.

Datenleck bei eBay -Betrüger haben Zugang zur firmeneigenen Datenbank und lesen Mitglieder-Daten aus

  That article is replete with screencaps and what sure appears to be some solid proof that indeed the back end of ebay has been breached or sensitive data has been leaked in some manner.

Now let us look again at the falle-internet.de site, on 12-09-2007:

EBay Sicherheitsleck identifies:
Data fetch ran over PayPal


eBay-Sicherheitsleck identifiziert:
Datenabruf lief über PayPal


Again, that article is long, chock-full of screen captures and code snippets, so be sure to go there.

This is most of the nitty gritty. Enough anyway.

  "After publication of the eBay Sicherheitslücke by the international press the team of fall internet.de was passed on now the Original-Programmcode* of two the Scripte used by the cheats. The analysis of the two Scripte by experts of fall Internet.de resulted in that the safety gap like first accepted with eBay did not exist, but that the criminal ones “with the eBay daughter PayPal

There are two Skripte, which worked perfectly one on the other co-ordinated. The details:" "These data were picked out as also with the first script directly over a safety hole with PayPal."

"The heart of these two - and probably also a whole number of further similarly working Skripte - represents the use the following demand paging:


 $url = file_get_contents("http://www.paypal.com/cgi-xxx/webscr?cmd=_exxy-intxxxxxed-regxxxxxxion&link=0&NBO=1&ebay_id=" . $_GET[buyer]);

   "This (partly unrecognizable made) code line it is to be taken that a program module (cgi xxx/webscr) was called here the US-American Website of PayPal with the instruction, in order to supply to data with to the eBay Mitgliedskonto indicated variable more buyer.

Data supplier of the E-Mail addresses and address data was not therefore the data base of PayPal, but like already the customer data bank with eBay reports. This can be concluded perfectly from the fact that also eBay members had received the falsified offers with correct address specification, which stood in no relation to on-line Zahlungsdienstleister PayPal. Differently expressed: The criminal ones could avail themselves already for quite some time unimpaired over the detour PayPal directly from the customer data bank of eBay. Only the massive use by the automatic Skripte and dispatching the offers also at not PayPal customers brought this connection to the light.

The whole procedure is delicate in two different regard:

  • PayPal received a bank license. A safety gap, which permits unauthorized access to user data by unauthorized ones, is not acceptable with Geldinstitut.
  • Has PayPal might the data measured by the criminal ones at all? Through „the hole “with PayPal also eBay user data could be queried, which were not at all announced at PayPal. Obviously accessed directly the server of PayPal the volume of data of eBay. It is questionable whether by the data security explanation taken off of eBay and/or an offence against valid represents tendencies.

"From it inevitably the question, which third offerer has the possibility except PayPal, results in this way on the volume of data of eBay to access unhindered and which intends to do eBay, in order to prevent for the future that a safety gap becomes with the third offerer the safety gap with eBay."


moving right on down to the bottom of the article now:

"Update 13.09.2007: eBay confirms the described procedure

Meanwhile also eBay to word announced itself.

  “eBay and PayPal work over interfaces together”, avowed eBay Pressesprecher Nerses Chopurian opposite heute.de. Over these interfaces however data were exchanged only if the eBay customer explains his agreement because he would like to open for example an account with PayPal. In this case “eBay for the customer the form for announcing continues to fill with with eBay deposited data out” - so the Chopurian. The data were normally only transmitted in the instant at PayPal, in which the customer locks the registration."
 
  “In connection with an interface for opening of an account an error arose, which was repaired of eBay within fewer hours after becoming known”, says Chopurian and confirms thereby the Datenklau by PayPal. The “problem” led to the fact that “briefly” address data from the eBay data base could be picked out via PayPal."

 
  So after all, it does appear that both ebay and PayPal have been breached in one way or another.
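
The quoted analysis describes a registration prefill interface that returned stored member data for whatever `ebay_id` a request named, while eBay's statement says data should flow only once the customer has agreed. The Python sketch below is an added example, not code from this blog, falle-internet.de, eBay or PayPal; it contrasts that flawed lookup with one bound to a signed, expiring consent token. The member records, key, token format and function names are all constructed assumptions.

```python
import hashlib
import hmac
import time

# Constructed sample data standing in for the auction site's member database.
MEMBERS = {
    "alice_buys": {"email": "alice@example.test", "street": "1 Sample Street"},
    "bob_sells": {"email": "bob@example.test", "street": "2 Sample Street"},
}
SERVER_KEY = b"constructed-demo-key"  # hypothetical secret held server-side
TOKEN_TTL = 300  # seconds a consent token stays valid


def _sign(member_id, expires):
    """HMAC over the member ID and expiry, so a token cannot be re-targeted."""
    msg = f"{member_id}|{expires}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def prefill_vulnerable(query):
    """Flawed pattern: whoever names a member ID in the URL gets that record."""
    return MEMBERS.get(query.get("ebay_id"))


def issue_consent_token(member_id, now=None):
    """Issued only after the logged-in member agrees to share their data."""
    expires = int((time.time() if now is None else now) + TOKEN_TTL)
    return f"{expires}.{_sign(member_id, expires)}"


def prefill_hardened(query, now=None):
    """Return data only for a valid, unexpired token bound to this member ID."""
    member_id = query.get("ebay_id", "")
    if member_id not in MEMBERS:
        return None
    expires, _, mac = query.get("consent", "").partition(".")
    expected = _sign(member_id, expires)
    if not hmac.compare_digest(mac.encode(), expected.encode()):
        return None  # missing or forged token, or one minted for another member
    # A matching MAC proves the expiry string was produced by issue_consent_token.
    if int(expires) < (time.time() if now is None else now):
        return None  # consent has expired
    return MEMBERS[member_id]
```

Because the member ID is part of the signed message, a token obtained for one account cannot be replayed against another, which is the property the interface described in the article lacked.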

  After all we have seen, starting from waaaaaay back when: the SCO helper, the massive worldwide hijackings, starting in earnest all the way back in February 2007, the unrepaired XSS flaws (the one which ebay claims to have fixed BTW, the one which I have documented on video, and is documented all over), the botnets, constant reports of phishing attempts via ebay's own messaging system, mysterious and spontaneous changes in Paypal account settings, the earlier, massive paypal leaks and apparent ebay/paypal complacency and attempts at censorship of that situation seen on ebay.de sicherheit panel, the other leaks mentioned on ebay US "T&S" forum, and documented.

etc... ad nauseam...

  We have basically still one entity's word against another's. Those dramatis personæ are Vladuz and ebay, ebay in the persona of Hani Durzy.
 
  We all should remember what Vladuz had to say about Hani Durzy, yes?

   We all should remember what Pliny the Elder said too;

 "A weasel's hole can be easily identified by the foulness of the ground around it."

 Simple as that!

  Lastly, our friend Sells.Store@gmail.com, youtube video star, international man of mystery, & comedian/slacker, attacked on the night of 09-11-2007, this time using the s.gif overlay method, under the account of hrgator ( 55 ) [now NARU]. Screencap here. Note the properties panel for the gif image - 1400 pixels wide, "pizza box" in the uppermost left. Note the gif is highlighted of course; normally it is clear, and clickable in this type of fake listing. It is a mailto link. The tiny little "square objects" seen are from having blocked elements un-collapsed in AdBlock Plus options.
Screencap of an entire listing. 640 width
Screencap of a search by seller and email address, showing 159 fake listings, all likely to contain the overlay. (480 pixels wide)

  I will be back to revisit that situation. There may be more.

  Now, either scroll down or click here, read the episode from last time, then watch the video.

*Thanks to imageshack.us for free photo hosting

**Thanks to tinypic.com for free image hosting


This was updated on 09-13-2007 @ 20:00:00 PDT to add links to more info/pics.

 

http://budmalcolm.bravejournal.com/entry/24178
