1927 Gibson Style H1 Mandolin

budnonymous · Top Poster

The Hackfest continues...

budnonymous · Top Poster

Here we go, as I pointed out on tweeter:

https://twitter.com/Cappnonymous/status/329744743548452865

Look what I found on ebay! (Zero) feedback rated seller Hacked! http://www.ebay.com/sch/scottb0g/m.html... LoLz @ebay #fraud filters pic.twitter.com/oqfpq3HawW

budnonymous · Top Poster

Yesterday evening I found yet another hijacked/ hacked account, koulithegreek so I though I might just tweet it out to the head monkey in charge, as it were.

@Tallboy6 Trade with hacked Canadian ebaY sellers: Does your internet tax plan address that? http://bit.ly/11RYjCr pic.twitter.com/FZbtzot5BT

Tonight I go look again and the listings are still there, only the hosting site where the hacker's images, including the contact me at bla blah has gone down. This batch had the name lany.ebay at you know where dot com as contact info.

I'm guessing that ebay needs those fvf's and the ad revenue. LoLz

Rogers BBC LS3 5A Monitors 15 Ohm So 2470 A B hacked_images_gone_eBay_20130425_360.png

Keep up the great work, ebaY.

Twitter / Cappnonymous: @Tallboy6 Trade with hacked ...
https://twitter.com/Cappnonymous/status/327249993503236098/photo/1 [more]

budnonymous · Top Poster

This is very telling. It pretty clearly shows that ebay has another outbreak of the xss flaw disease, and on ebay.com not just ebaymotors. It also supports and/or confirms what I found the other day with javascript based buttons and links leading to phishing/login pages. I may have been on one of the same pages, but not been affrected the same way due to how I have my browser set up?

At any rate , take note. ebay is not safe! The lack of safety is compounded by lack of any recourse and/or accountability.

Please note I've made the links unclickale. Don't try to visit them, no way of telling what may happen if you do. The forums.ebay.com embedded images /urls are probably safe.

Scam or Virus? Something fishy.. Please comment

Apr 11, 2013 12:23 AM

Here's the story:

I was doing a search on Ebay for a camera and saw a deal I was interested in. I clicked on the photo and it led me to this page

(embedded image)

http://forums.ebay.com/servlet/ImgServlet?mx=300&attachImage=true&contentType=image/png&attachment=5200085653&crop=false

Everything seems normal until somehow the page reloaded itself and I noticed that the web address has changed from hxxtp://www.ebay.com/itm/CANON-EOS-1D-MARK-IV-16-1-MP...... to hxxp://nauk2paw2.com/ws/eBayISAPl.php?ViewItem&item=321105524769&seller=bkmoores

Is nauk2paw2.com an Ebay address?

Here's the screenshot of the new page

(another embedded image)

http://forums.ebay.com/servlet/ImgServlet?mx=300&attachImage=true&contentType=image/png&attachment=5200085654&crop=false

I tried accessing this item using my PC laptop, Mac and tablet and the same thing kept happening.

I tried to click Buy Now and it asked me to Log In again and the only payment option is a bank transfer, not Paypal

Is this something normal or was Ebay's security compromised?

Please help.

budnonymous · Top Poster

whooooooo-wheeeeee!

Now finding fake login pages, active javascript links in the user generated content. These did not auto-direct. You had to click to get to the phishing/login page.

Hacked ebaY Listings with Fake Login Page

Looks like ebay has already removed them but keep your eyes peeled. Or just avoid ebaY like your life depends on it. If yiu've been following along you know they're really slacking off in their responsibilities and obligations to the shoppers and the sellers.

Besides here and the Cappnonymous wordpress blog, you can look on my tweetstream to see more carnage reported. You can find sad, disillusioned ebay members on the Trust & Safety forum also discussing similar things.

update: oops almost completely forgot, within a day or two of this event, similar fraud listings appeared with links to contact forms where the scam-hackers wanted your phone numbers. It's updated at blog with screencaps etc.

-- Edited by budnonymous on Sunday 12th of May 2013 09:51:01 AM

budnonymous · Top Poster

ebay's trust & safety or security team is in fine form tonight, unlike hacking /account takeover victim millenium_showcase, who's account has been filled with fraud listing for a few days now.

Note the same ol' same ol' items, bids raised sky-high by whatever ebay do-gooders out to defend ebay's honour.

psssst ... the ebay ceo just got $30 million. Do you think they can afford to hire their own staff to clean the place up, IF they WANTED to?

Keep up the great work sleazebay!

budnonymous · Top Poster

Doc with a follow up video report on this Easter Weekend Hack job / ebaY Trust & Safety fail.

eBay Seller Anitahaveit2 Account Takeover Day 2

We all love ebaY! :roflmao:

-- Edited by budnonymous on Tuesday 2nd of April 2013 06:34:09 AM

budnonymous · Top Poster

Things are starting to heat up a little on sleazebay with the account takeovers. No Batboy sightings yet but something about the nature of the scam listings sure has a familiar ring to them. Ongoing event, as the victims'a accounts are still loaded with fake listings. Ebay is aware of the hijackings but they've deleted multiple forum posts warning people instead of taking down the fraud listings.

ebaY Sellers get Crucified on Easter Weekend

budnonymous · Top Poster

Just a brief update to let folks know the hijackings continue...

I'm wondering whether the last glitch on ebay dealing with the seller limits and listings trashed don't have something to do with sleazebay attempting to correct the problem?

Lately there's been quite a few shooting star level members hijacked. LoLz! Still waiting for even one of them to say they gave away their passwords or fell for phishing, or for sleazebay's PR dept to say it.

As has been demonstrated for years, hackers have the abilty to bypass ebay's supposed 'fraud filters' and they still do, despite the sellers' limits. site unsafe; ebay lies!

hahahaha!

Here's tonight's victim, vintage_treats4u (4814)

Same ol' same ol' ...

Audio Research PH7_hijacked_20130323_480c.png

Note the number of high fraud category items.

Maybe it's time for some more monumental hijackings of 100K items, with video coverage and so on?

budnonymous · Top Poster

I put this on my Cappnonymous blog due to the stature if the seller hijacked. There was at least 2 other victims that night, one of them, ebay member ks3311 finally got their items/seller list cleaned up sometime today. I wonder how many buyer victims there were?

ebaY Shooting Star munchkinscakes08 Hijacked

budnonymous · Top Poster

Just another reminder that paypal is compromised. Spoof email addressed to the client's proper name. The hackers/phishers/whatever aren't guessing these names or getting them via psychic abilities.

I believe this may be one of ebaypal's biggest cheerleader/resident schills btw

Purfict spoof mail using Paypal

Dec 5, 2012 05:16 AM

Returned home today to find an email from Paypal for a payment for $199.74 to eBay seller PINZOO I never made. I didn't click and links but it was sent to may Paypal email address and addressed me by name. All email links were shown as in .ru though. No debit's were shown in Paypal though and no activity shown in my bank account. My guess is if I logged in to Paypal using any of the links in the email it would have attempted the charge. This one is real looking with fake links to the resolution center even.

Uploaded with ImageShack.us

Best thing you can do is never use paypal or ebay. If you have accounts, close them down and do whatever you need to in order to ensure they cannot draw from your bank accounts or credit cards. They are notorious for mysterious 'glitches' as well as being hacked, cracked and zombied!

budnonymous · Top Poster

Just a ittle reminder the site is still filled wih completely fake listings. Here's a seller hijacked whom I found with one quick search:

Items for sale from algrihobby ( 344)

Uploaded with ImageShack.us

Here is the sample hijacked listing:

1927 Gibson Style H1 Mandolin

Uploaded with ImageShack.us

here is the url of the image contained in the hijacked listings:

http://infopicseb.com/b.jpg

I find this hilarious of course for more than one reason. First, ebay bots are now interfering with normal communications between buyers & sellers by false flagging of email messages purported to contain offers to conduct biz off ebay etc. Bu they're not able to find these? bwhahahaha!

Second, apparently this hijacker isn't aware they could just go buy a fake ebay and paypal account or complete Fake ID packages at any number of places and scam like there's no tomorrow.

Longevity, feedback score etc etc all mean nothing on sleazebay now, with the proliferation of the fake accounts.

Victims wil never even know when they've landed on one of those listings until after they've ben scammed. It may well be a sad Holiday for lots of folks shopping sleazebay this year.

budnonymous · Top Poster

ebay/paypal have a big hacking problem on their hands with fraudulent shipping labels to the Russian Federation and elsewhere in that area of the world. As usual, they're resorting to sleaze tactics to keep it hush-hush.

Victims are suffering great losses, having their lives turned upside down. Very serious shizzle.

HACKER USED MY EBAY ACCOUNT TO SHIP EXPRESS MAIL LABELS

budnonymous · Top Poster

It sure looks like there are issues with paypal clients' personal info, doesn't it? Hackers and phishers don't just pull those names out of a hat.

@PayPal Would you tell me where 2 forward phishing e-mail, pls? Want 2 show it uses name, which advice says doesn't happen - thanks : - )

Uploaded with ImageShack.us

budnonymous · Top Poster

Just another reminder that PayPal has been compromised, either by hackers or insiders. There's not any other reasonable or plausible explanation which exists to allow for paypal phishing emails to contain the client's real name etc. I suppose another possibility exists; that ebay/PP mangement are secretly selling your info to scammers because they need the money!

Sure, I'm laughing but it's no joke. Look at what all else they've been caught doing.

(bold emphasis mine)

Paypal Spoof or Not
Aug 20, 2012 05:28 PM
I got an email supposedly from Paypal about "Limited Account Access" but I suspect to be a spoof. It was in my spam folder, so already that was red flag. I'm familiar with spoofs with generic salutations like "Dear Paypal Member", but what's unusual is that this email addressed me by my full name.

Have you ever received a Paypal spoof that addressed you by your full name (or business name)? When I logged in to Paypal (through the actual website, of course), everything looked fine, and there was no notification requiring my attention.
The email I believe to be a spoof did contain suspicious links requesting me to log in. So, I'm wondering if nowadays it's NOT unusual for Paypal phishing emails to actually contain a person (or business') real name in the salutation.

Uploaded with ImageShack.us

BTW, you may notice that the last poster advised to send the email to paypal's spoof address. That is a bogus meaningless, recommendation. Nothing but a pacifier without any real effect or solution to the real trouble. Reason being is that they ID anything & everything sent there as a spoof.

Don't believe me? try it with any known valid paypal email communication. Go ahead. No human being will ever see it. When they auto-bot-send back the notice telling you is was fraud/phishing, send that back to them too. A winner every time! LoLz!

As we should all realize by now, ebay and paypal do NOT act upon reports of fraud unless or until it somehow becomes an embarrassment to them in the electrosphere.

-- Edited by budnonymous on Wednesday 22nd of August 2012 06:29:31 PM

budnonymous · Top Poster

Just a little reminder tha these account hijackings are still ongoing... using the same method of having an image with instructions to contact the scammer via email. In this example the seller (victim) has 3 expensive (imaginary) dive masks, one of the scammer's favorite baits. There are many many more examples there right now with very expensive items across the range of categories.

Uploaded with ImageShack.us

Of course this has been going on for years and there's nothing ebay can or will do to stop or prevent this. Ebay then sends a bogus invoice to the hijack victim and strongarms them into paying, or they attach or link that now delinquent victimized account to another (often random) member's account and force/coerce them to pay the bogus balance in order to continue operating on ebay/with paypal. All this while ebay knows full well the original victim's account was hacked/hijacked.

budnonymous · Top Poster

Now here is a particularly troubling look at a hacking-related LieWorld Moderation Fail

("LieWorld" is ebay's sleazy forum moderation service, and self-admitted professional undercover liars in case you were unaware)

But to the point, they left up the live phishing link on their forums for anywhere +/- 36 hrs, even actually had their forum "helpers" bumping the post! Failed to report the site apparently too.

They then redirected the post, once pulled, to an ebay login page, as opposed to the normal 'error' page! Very strange... isn't it?

Complete visual documentation at links. Don't miss it!

-- Edited by budnonymous on Saturday 31st of March 2012 07:04:12 AM

budnonymous · Top Poster

In case anyone is wondering, YES, the account hijackings are still ongoing. Found these in no time flat. yet ebay with their bot-armies and filters can't. I wonder why that is?

victim: eddy51144

item: SIGNED FIRST RUN ESP KIRK HAMMETT OUIJA

I've highlighted the seller name in the composite screencapture.

Uploaded with ImageShack.us

But there was even more as I searched for similar items...

The victim: atek24

You may notice it's some of the very same exact items as several months ago when I produced a few reminder vids and uploaded to youtube.

Uploaded with ImageShack.us

I'm sure we could find thousands upon thousands of these hijacked listings/acounts each and every day, had we the time...

You'll notice this has literally been going on for years and they've never been able to stop it. I'm glad they have bots to detect unauthorized use of google checkout, and cash though LoL!

budnonymous · Top Poster

Never fear, PayPal fans! I see this happened too. Looks like a biggie.

Phishing sites using Extended Validation SSL

budnonymous · Top Poster

I see the hacking and account takeovers at ebay are still going strong. Business as usual. LoL. Here is a member who had no less than 762 fake iPhone listings inserted into theirs.

Uploaded with ImageShack.us

I didn't get a chance to view the listings before ebaY began to remove them, so I'm not sure whether they just contained instructions to contact outside of ebay or something else, but there was this little thing on trendmicro about redirects within fake iPhone listings.

budnonymous · Top Poster

This may be the same person whom chimed in on the above paypal forums thread with post 156. The reported dollar amount, along with other details is the same.

Paypal Hacked!

On October 16, 2011 (Sunday), I decided to pay a couple of bills. I usually don't use the computer on Sunday, since I work on one all week. After paying the bills, I checked my email and quickly glanced over them. I noticed one from PayPal and I was about to chunk it in the trash when I noticed the words "Receipt for Your Payment to Gmarket". I thought it was spam mail, but I read it anyway. I noticed the amount of $834.77 and my heart rate started to sky rocket! "Who in the H3ll is Gmarket!", I screamed inside!

(continues with screencaptures and more info...

budnonymous · Top Poster

It would appear that either hackers have yet another way into Paypal, via GMarket somehow, or they have some more insider fraud on their hands. There are not any other plausible explanations for this.

(Gmarket is a part of ebaY.)

What would you do?

Oct 6, 2011 02:48 PM

Reply

On Oct. 1st, I received notice via email that PayPal had made payment from my checking account in the amount of $681.24 to an Ebay owned company called Gmarket. This was not of my doing and I immediately (within an hour) disputed the charge through the resolution center at PayPal. On October 3rd the amount was deducted from my checking account. Had I known that PayPal would not stop the transaction I would have called my bank the Monday morning of the 3rd and notified them of the fraudulent request. But regretfully I didn't. I'm not sure it would have made a difference as I have since contacted them and they informed me that it would take 10 days to investigate before they could take any action.

In the meantime, I am awaiting the 7 day "use my money for free" period that Gmarket has to respond to my dispute. They have my $681 and I have been trying to juggle funds here to avoid any overdraft charges. It seems to me that this is a case of a scammer making all the rules and calling all the shots while using my money - at my expense. Is my only recourse to just wait the 7 days and hope that PayPal comes through?

I have called PayPal and they say to contact my financial institution. I called my financial institution and they say it's a 10 day wait. I have emailed Gmarket and got no response. I have contacted Wells Fargo Bank, who initiated the ACH for Gmarket and they say they have no control over Gmarket or my money. Gmarket has no phone number and they are located in Korea. I would think this whole thing is really fishy since Ebay owns Gmarket and PayPal. I am not a registered member of Gmarket and never knew they existed until they took my money.

I know there are a lot of experienced buyers and sellers here who have been there and done that....What would you do? Is this a more serious offense because they are all bedfellows who are manipulating me and my money? I mean illegal in a different way than being an ordinary hacker/scammer just trying to steal my money. Any suggestions appreciated.

...(now skipping to post 156...)

Oct 16, 2011 11:08 AM

Reply

I just received an email this morning saying I sent a successful payment of $834.77 USD to pay@gmarket.co.kr. I logged in my paypal account and sure enough the transaction was there.

I quickly disputed the transfer and called my bank (Wells Fargo). Since the transfer was not pending or there yet, they told me they could not do anything. So, I quickly transferred all my money in that account to another account and I will dispute it when I get a NSF charge. I am also putting a hold on that account tomorrow.

Ebay needs to fix this. If I didn't check my email today (Sunday), I would of been out $834.77 and that would of really hurt!!!

(screencapture of page 7, including the Original Post)

Uploaded with ImageShack.us

If you read the entire thread, you'll see the very same old tired, overexposed shills, reading from the very same script. It's classic ebay forums flim-flam through and through. It's easy to pick out the 'funny' parts and players

It will be interesting to see how many more similar reports pop up.

How long, and with how many victims have the iTunes/Paypal hackings & account drainings been ongoing now without resolutuion?

Close your PayPal accounts now, before this happens to you.

joinassit · Noob

Howdy, this has been an excellent informative article! I definitely appreciate all of your wisdom. Thanks alot .

budnonymous · Top Poster

Latest victim/seller: clccarolynl2010

(Who is NOT a top rated seller, feedback score was 71)

I'm not sure if they were removed by ebaY, the seller, or simply ran their course.

The bogus iPhone ads were identical to those exposed in a very recent video which I posted to youtube:

ebaY TRS hacked fake iphone joohnkoo

Uploaded with ImageShack.us

So much for ebaY's alleged fraud filters, various seller limitations and whatever detection methods they have to ban certain links and images within listings, as they recently enacted...

That is another indication that the site is HACKED, not just 'simple phishing'.

Stay tuned for more stuff.

budnonymous · Top Poster

The account take-overs have increased by an exponential rate at ebay!

Seems to be targeting Top Rated Sellers. Still getting multiple listings of the same high-end and even ultra high-end artwork, fine collectibles etc right through with no delay. Hundreds at a time.

Haven't seen this many for quite some time now. Since uhmm.. who ever that one guy was putting the severe hurting ownage on them a while back.

LoLz

Here are a couple samples of the latest, but there have been many, many more

eBay Top Rated Seller THM37 Account Hijacked

ebay may have gotten a little overzealous here while removing the faked listings from victim displays-n-such

ebay TRS hacked! - Seller's legit items removed?

ebaY Top Rated Seller Hacked imacowboy77

The attack upon ebaY Top Rated Sellers continues...
with special guest appearances by John D "Bonzohoe", ebay's train driving mascot and Batboy

Find more at my youtube channel and at the ebaydirtylaundry channel.

Some of the other victim/seller IDs have included:

shefford-rambler

kobo.g

fashionmusic101

rarefinds_by_art

labouquinerieduplateau

marketplacemagic

That's a scant fraction of the ones I've documented thus far. I could upload a lot more screencaptures and/or vids had I the time.

-- Edited by budnonymous on Monday 3rd of October 2011 04:52:57 PM

budnonymous · Top Poster

More video documentation of the sudden wave of account take-overs on slaezebay from Doc of ebaymotorssucks.com

eBay Top Rated Seller MonkeyGamez Account Hijacking 390347840587

Another Hacked eBay Sellers Account - ACOPELAND1

and a humble contribution from yours truly

ebay Hacked! Top Rated Sellers Under Attack

-- Edited by budnonymous on Monday 19th of September 2011 12:30:01 AM

budnonymous · Top Poster

Haha! I see another very highly rated ebay TRS is being hijacked right at this very moment.

monkeygamez with a feedback Score Of 58682, with the shooting star icon.

You may note the very same key phrases being used as last night, and very similar if not the same items. This of course lends to the notion that either ebay is hacked to the core or the hackers have insider help. There are no other plausible explanations. Think about it.

Uploaded with ImageShack.us

-- Edited by budnonymous on Saturday 31st of March 2012 07:07:58 AM

budnonymous · Top Poster

I stumbled over this pretty big hijacking/ account takeover earlier. Same basic M/O as usual, the difference this time being the stature of the sellers hijacked.

Another thing, ebaY has been imposing limits on numbers items listed in certain categories etc like never before. For the hackers to be able to insert this amount and type of items again points to either them having a trick to get around the alleged fraud filters and/or other, newer seller limitation rulesets, or to have insider assistance.

That aside from how the account logins were acquired in the first place. Are we really to believe these very experienced sellers all fell for phishing ploys?

First the sample fake listing...

Uploaded with ImageShack.us

Now the victim/sellers: globalgolf

Uploaded with ImageShack.uspleasurejohnson

Uploaded with ImageShack.us

Last but not least, bobs618, who seems to have some active fake listings as of right now

Uploaded with ImageShack.us

As an aside, if you look at the golf club seller's feedback, you have to wonder why they are even still there, considering that small sellers with scant fractions of the percentage negs have been exterminated?

But the real comedy comes when you read about the incident on the ebay forums.

Note: If this image vanishes you can always see it documemtned in the accompanying video

Uploaded with ImageShack.us

Then you realize that at least one seller had to end the fake auctions themselves, because sleazebay was asleep at the wheel. Again.

Uploaded with ImageShack.us

Just another stellar example of why you need to avoid ebay like the plague.

-- Edited by budnonymous on Sunday 22nd of April 2012 05:58:53 PM

budnonymous · Top Poster

Port Matilda woman's PayPal account hacked

8:56am on Aug 26, 2011; Modified: 8:58am on Aug 26, 2011

A Port Matilda woman reported to police that someone hacked an online account of hers and made several aunthorized purchases.

State police in Philipsburg said purchases totaling $1,033 were made and shipped to Doral, Fla. The hacker got into her PayPal account.

-----------

from the comments...

"no idea why this is news. happens everyday"

budnonymous · Top Poster

iTunes Hacked, Linked PayPal Accounts Drained In Ongoing Problem

I've been rather surprised to learn that fraudulent purchases on iTunes accounts have been an ongoing problem for over a year and that some linked PayPal accounts have been drained in the process. This is bad news for Apple, who don't seem to be responding effectively, and even worse news for iTunes users from music sellers to fans.

Scott Hanselman's recent ComputerZen post on iTunes account hacking was the first I'd heard of a problem that began showing up on Apple Support Communities in late 2010 and continues to this day. The Next Web has related accounts involving rogue apps that were revealed as far back as July 2010.

From a TechCrunch post on August 23, 2010:

read the rest...

Smart people will avoid paypal and iTunes like the plague...