Cappnonymous Blog 2.0.* Beta
Blog Archives
Great Sites
Links
Online Auction Related Sites& Blogs
Things to Do
Useful Tools and Extensions
Useful Websites
Friends
10.01.07
21:30:54
More Trust & Safety Hack Attack and Data Dump Aftermath
The first thing which is the most important, IMO.
Ebay has not yet addressed the incident of the morning of September 28th, 2007
when Vladuz HACKED the "about me" page of snoyce@ebay.com and left a dry, pinpointy message.
Here is a video I created which documents that event, in a parody format.
So anyone making the assumption that ebay is now safe and secure, you may want to reconsider. Vladuz did not change that about me page by chanting and rolling bones or with a secret incantation. Think about it.
He has made a comment about it out there somewhere. That page was not changed by phishing. (I mean unless fake FBI warning plastic imtimidator snoyce@ebay.com fell for a phishing ploy...) Simple as that. I seriously doubt everything else we saw was caused by, or was a by product of phishing either.
Doubtful any of the loyal subservient flock over there will question that or bring the issue to bear upon ebay in any meaningful way, but everyone has every right to know what REALLY happened. Ebay will not tell you.
Vladuz needs not say one single word. The proof of the pudding is in the tasting.
Back to the T&S bd attack; the accounts logged on one by one, and posted a message. Read his own comments from the youtube page before the info was suppressed, (I mean ATTEMPTED to be suppressed, concealed or made permanently unavailable) back here in this posting.
Where or how all the various infos were stored etc, well ebay and Vladuz know for sure, everyone else can only speculate.
Insofar as V's credibility, again draw your own conclusions. All that I know is that I have never seen any falsehoods from him, anywhere. Have you? Can we say the same for ebay?
Beginning from the very first statement issued by ebay, we saw a series of conflicting and non believable even impossible responses. Statements which were silly at face value, and counter to ebay's own stated policies and/or former statements. No need to go on about the here. I see the details are well spelled out at both AuctionGuild and FireMeg
Now I refer back to this image, from this posting. Notice the links in the vlink color. Those are telling because we see that ebay, from the very start took a course of action geared towards covering up this sad event, as opposed to any sort of display demonstrating a concern for the users, such as to immediately pull the plug, throw the switch or whatever we know they could have, and should have done. Pay particular attention to that post tilted "CC# are valid..." I sure hope whoever posted that has what it takes to follow through.
Looking back on my report, I need to add now that I have had a chance to look at theses screencaptures again, the earliest report I found on the boards to reference the time T&S was finally inaccessible was 07:18 PDT. The screencap I took at 07:23 is labeled thus from the time on my computer clock. It is not synched to ebay, and for whatever reason does not even keep time as well as a 99 cent gas station checkout counter digital watch. (same as all computers I have ever had.) Further may have had that tab open for a minute or 2 before the capture was made.
Now I want to look at another thread, where I see some misinformation regarding the contents of the video which was pulled from youtube. Someone states that CC details were visible and that there were pink posts too. That statement is false. I saw none of that, same as others. Here is the video, have a look. Further, here is another take, which was around 06:14 to around 06:18-06:20 that morning. This take is narrated. After that take, I found that I was a little too excited to really try to narrate, as I was alternately overcome by the usage of some foul language perhaps and laughter. You will observe that I was consciously and purposefully avoiding the recording and display of that sensitive info. So I do not want to see any more falsehoods or misinformation about what was shown and what was not shown, nor my intentions. Nuff said there.
Next in that thread though we see a couple more interesting statements made. One regarding something about employee passwords.
I do not see anything which clearly indicates that and the 32 digits have been explained. I found the explanation first at PowersellersUnite forum, & it is explained again at the above-linked AuctionGuild entry.
There is certainly something different about the "Wheeeee..." posts. What that is has yet to be revealed.
Evidence that suppression of communication has even reached ridiculous levels, where posters are reporting strange filtering" effects on the ebay forums, in particular regarding the words "credit card"
More on that here and
also here (the latter for when the former "evaporates")
Be sure to read it all)
We see the sickening contagion of greed and indifference rear IT's ugly head, as some pipe up immediately voicing their own selfishness in light of their fellow's dire and immediate plight.
Not everything I saw that morning or since was tragic. I did see at least one or two people who rang in to say what should be obvious. In this thread we see a hero. We see a concerned person with a conscious and a regard for the well being of his/her fellows, and the "community"
We can only hope that those sentiments and any following course of conduct and action shall not become victim to any threats, intimidations, punitive actions etc.
Clearly, ebay is not to be trusted while the info of literally MILLIONS of people may be accessible to the hackers, or others who have in all likelihood acquired some of what was posted at least.
There are starting to appear examples of persons claiming credit cards have been compromised and that the CC numbers were indeed valid both before & since the incident, in more than one place, & users are afraid to post about it on the heavily monitored & censored Kool-Aid bds
(re: post by by: justme on Mon Oct 1 2007 12:36:31)
People have every reason to be concerned.
Ebay will do WHATEVER they need to to silence this, IMO.
Look how much they have already done.
Remember, they have the motivation of BILLION$ at stake,
and they have clearly demonstrated their dishonesty many many times over.
Look here and do some research to see what happened the last time I publicly posted something about compromised accounts on the ebay T&S bd, at the "Smart Americans" incident. Note those screencaps in the article from the consumerist.com site.
(look familiar?)
Anyone wanting to see more can contact me
via a PM at the CAPP
forum, as there is a LOT more to that!
The ebay sleaze & cover-up machine has unknown depths, and there was no coincidence to the timing of what you will observe in that CAPP thread, nor the HORRENDOUS activities which surrounded, followed, and are still ongoing. That is not the focus right here and now
though.
There are already reports rolling in hither & yon about unauthorized access to folks' bank and credit cards.
(not that any bank info was observed in any of the DOZENS and dozens of posts I examined)
I will be posting more as I find them
That may be indicative of much deeper troubles. We have recently seen some startling events in a related issue. Again an issue which has been largely ignored by the media here in the USA for some odd reason.
Back to those postings with the PI/CI in them. I found names not on the list at the shenemanfamily website, on the compromised list page. (as of last evening)
Frankly, it is not up to me to do anything about that.
My best advice to all ebay and PayPal users is to contact your bank and credit card companies and do whatever you need to to be sure you are A-OK, regardless of whether your name is or may have been on that list.
Then, permanently close those accounts and find a trustworthy, honest and SAFE venue and payment service.
There are plenty out there.
I have already found out what it is like to call someone on the phone, a total stranger, to start a discussion about their credit card numbers and everything being compromised or at risk
The folks I contacted myself, I advised them to contact their banks and credit card numbers that morning, as the event was ongoing.
Doubtful any of them are reading, but I am sorry to have given you such a start. Keep in mind the adrenalin was flowing here.
I won't mention again what they told me regarding the validity of the data, as the spin doctors are hard at work trying to discredit the very notion that they have been HACKED to the very core and will never ever be safe or trustworthy again. (mostly due to their own actions, NOT those of Vladuz)
Anyone else concerned that I have seen their info or as to my intentions, maybe you should contact the proper authorities if you feel strongly the need.
Be sure to tell them it all started when the Trust & Safety forum at ebay got HACKED, by a world-class black-hat Meister, and that IT is not the first time something similar has happened at ebay.
Also do not neglect to overlook the fact that perhaps millions of other eyes saw them as well.
I am pretty sure by now everyone has taken care of whatever they need to.
I will state my intentions for the screencaps I took. They will all go through Tune-Up shredder, except for the edited and posted examples. I have retained none of the contents, nor would I use any of the info for any reason further whatsoever.
Enough screencaptures of various such posts have been already preserved, presented and posted.
We may all safely subsume that if I had any mal-intentions, I would not be here right now talking about this.
This is all I have time for right now. I hate the internet in that it never stops. There is much much more to all this that requires rumination.
When I return it will be to resurrect some of the other deleted postings and to examine the contents thereof.
Don't need to be a weather man to see which way the wind blows.
http://budmalcolm.bravejournal.com/entry/24328
Ebay has not yet addressed the incident of the morning of September 28th, 2007
when Vladuz HACKED the "about me" page of snoyce@ebay.com and left a dry, pinpointy message.
Here is a video I created which documents that event, in a parody format.
So anyone making the assumption that ebay is now safe and secure, you may want to reconsider. Vladuz did not change that about me page by chanting and rolling bones or with a secret incantation. Think about it.
He has made a comment about it out there somewhere. That page was not changed by phishing. (I mean unless fake FBI warning plastic imtimidator snoyce@ebay.com fell for a phishing ploy...) Simple as that. I seriously doubt everything else we saw was caused by, or was a by product of phishing either.
Doubtful any of the loyal subservient flock over there will question that or bring the issue to bear upon ebay in any meaningful way, but everyone has every right to know what REALLY happened. Ebay will not tell you.
Vladuz needs not say one single word. The proof of the pudding is in the tasting.
Back to the T&S bd attack; the accounts logged on one by one, and posted a message. Read his own comments from the youtube page before the info was suppressed, (I mean ATTEMPTED to be suppressed, concealed or made permanently unavailable) back here in this posting.
Where or how all the various infos were stored etc, well ebay and Vladuz know for sure, everyone else can only speculate.
Insofar as V's credibility, again draw your own conclusions. All that I know is that I have never seen any falsehoods from him, anywhere. Have you? Can we say the same for ebay?
Beginning from the very first statement issued by ebay, we saw a series of conflicting and non believable even impossible responses. Statements which were silly at face value, and counter to ebay's own stated policies and/or former statements. No need to go on about the here. I see the details are well spelled out at both AuctionGuild and FireMeg
Now I refer back to this image, from this posting. Notice the links in the vlink color. Those are telling because we see that ebay, from the very start took a course of action geared towards covering up this sad event, as opposed to any sort of display demonstrating a concern for the users, such as to immediately pull the plug, throw the switch or whatever we know they could have, and should have done. Pay particular attention to that post tilted "CC# are valid..." I sure hope whoever posted that has what it takes to follow through.
Looking back on my report, I need to add now that I have had a chance to look at theses screencaptures again, the earliest report I found on the boards to reference the time T&S was finally inaccessible was 07:18 PDT. The screencap I took at 07:23 is labeled thus from the time on my computer clock. It is not synched to ebay, and for whatever reason does not even keep time as well as a 99 cent gas station checkout counter digital watch. (same as all computers I have ever had.) Further may have had that tab open for a minute or 2 before the capture was made.
Now I want to look at another thread, where I see some misinformation regarding the contents of the video which was pulled from youtube. Someone states that CC details were visible and that there were pink posts too. That statement is false. I saw none of that, same as others. Here is the video, have a look. Further, here is another take, which was around 06:14 to around 06:18-06:20 that morning. This take is narrated. After that take, I found that I was a little too excited to really try to narrate, as I was alternately overcome by the usage of some foul language perhaps and laughter. You will observe that I was consciously and purposefully avoiding the recording and display of that sensitive info. So I do not want to see any more falsehoods or misinformation about what was shown and what was not shown, nor my intentions. Nuff said there.
Next in that thread though we see a couple more interesting statements made. One regarding something about employee passwords.
I do not see anything which clearly indicates that and the 32 digits have been explained. I found the explanation first at PowersellersUnite forum, & it is explained again at the above-linked AuctionGuild entry.
There is certainly something different about the "Wheeeee..." posts. What that is has yet to be revealed.
Evidence that suppression of communication has even reached ridiculous levels, where posters are reporting strange filtering" effects on the ebay forums, in particular regarding the words "credit card"
More on that here and
also here (the latter for when the former "evaporates")
Be sure to read it all)
We see the sickening contagion of greed and indifference rear IT's ugly head, as some pipe up immediately voicing their own selfishness in light of their fellow's dire and immediate plight.
Not everything I saw that morning or since was tragic. I did see at least one or two people who rang in to say what should be obvious. In this thread we see a hero. We see a concerned person with a conscious and a regard for the well being of his/her fellows, and the "community"
We can only hope that those sentiments and any following course of conduct and action shall not become victim to any threats, intimidations, punitive actions etc.
Clearly, ebay is not to be trusted while the info of literally MILLIONS of people may be accessible to the hackers, or others who have in all likelihood acquired some of what was posted at least.
There are starting to appear examples of persons claiming credit cards have been compromised and that the CC numbers were indeed valid both before & since the incident, in more than one place, & users are afraid to post about it on the heavily monitored & censored Kool-Aid bds
(re: post by by: justme on Mon Oct 1 2007 12:36:31)
People have every reason to be concerned.
Ebay will do WHATEVER they need to to silence this, IMO.
Look how much they have already done.
Remember, they have the motivation of BILLION$ at stake,
and they have clearly demonstrated their dishonesty many many times over.
Look here and do some research to see what happened the last time I publicly posted something about compromised accounts on the ebay T&S bd, at the "Smart Americans" incident. Note those screencaps in the article from the consumerist.com site.
(look familiar?)
Anyone wanting to see more can contact me
via a PM at the CAPP
forum, as there is a LOT more to that!
The ebay sleaze & cover-up machine has unknown depths, and there was no coincidence to the timing of what you will observe in that CAPP thread, nor the HORRENDOUS activities which surrounded, followed, and are still ongoing. That is not the focus right here and now
though.
There are already reports rolling in hither & yon about unauthorized access to folks' bank and credit cards.
(not that any bank info was observed in any of the DOZENS and dozens of posts I examined)
I will be posting more as I find them
That may be indicative of much deeper troubles. We have recently seen some startling events in a related issue. Again an issue which has been largely ignored by the media here in the USA for some odd reason.
Back to those postings with the PI/CI in them. I found names not on the list at the shenemanfamily website, on the compromised list page. (as of last evening)
Frankly, it is not up to me to do anything about that.
My best advice to all ebay and PayPal users is to contact your bank and credit card companies and do whatever you need to to be sure you are A-OK, regardless of whether your name is or may have been on that list.
Then, permanently close those accounts and find a trustworthy, honest and SAFE venue and payment service.
There are plenty out there.
I have already found out what it is like to call someone on the phone, a total stranger, to start a discussion about their credit card numbers and everything being compromised or at risk
The folks I contacted myself, I advised them to contact their banks and credit card numbers that morning, as the event was ongoing.
Doubtful any of them are reading, but I am sorry to have given you such a start. Keep in mind the adrenalin was flowing here.
I won't mention again what they told me regarding the validity of the data, as the spin doctors are hard at work trying to discredit the very notion that they have been HACKED to the very core and will never ever be safe or trustworthy again. (mostly due to their own actions, NOT those of Vladuz)
Anyone else concerned that I have seen their info or as to my intentions, maybe you should contact the proper authorities if you feel strongly the need.
Be sure to tell them it all started when the Trust & Safety forum at ebay got HACKED, by a world-class black-hat Meister, and that IT is not the first time something similar has happened at ebay.
Also do not neglect to overlook the fact that perhaps millions of other eyes saw them as well.
I am pretty sure by now everyone has taken care of whatever they need to.
I will state my intentions for the screencaps I took. They will all go through Tune-Up shredder, except for the edited and posted examples. I have retained none of the contents, nor would I use any of the info for any reason further whatsoever.
Enough screencaptures of various such posts have been already preserved, presented and posted.
We may all safely subsume that if I had any mal-intentions, I would not be here right now talking about this.
This is all I have time for right now. I hate the internet in that it never stops. There is much much more to all this that requires rumination.
When I return it will be to resurrect some of the other deleted postings and to examine the contents thereof.
Don't need to be a weather man to see which way the wind blows.
http://budmalcolm.bravejournal.com/entry/24328
0 comment(s).
There are no comments to this entry.
Post New Comment