Post Info TOPIC: The Hackfest continues...


Top Poster

Status: Offline
Posts: 3757
Date:
The Hackfest continues...


whooooooo-wheeeeee!

Now finding fake login pages, active javascript links in the user generated content. These did not auto-direct. You had to click to get to the phishing/login page.

Hacked ebaY Listings with Fake Login Page

Looks like ebay has already removed them but keep your eyes peeled. Or just avoid ebaY like your life depends on it. If you've been following along you know they're really slacking off in their responsibilities and obligations to the shoppers and the sellers.

 Besides here and the Cappnonymous wordpress blog, you can look on my tweetstream to see more carnage reported. You can find sad, disillusioned ebay members on the Trust & Safety forum also discussing similar things.

 

 

update: oops almost completely forgot, within a day or two of this event, similar fraud listings appeared with links to contact forms where the scam-hackers wanted your phone numbers. It's updated at blog with screencaps etc.

 

 



-- Edited by budnonymous on Sunday 12th of May 2013 09:51:01 AM

__________________

Exposing the sleazery of ebaY and PayPal

 



Top Poster

Status: Offline
Posts: 3757
Date:

This is very telling. It pretty clearly shows that ebay has another outbreak of the xss flaw disease, and on ebay.com not just ebaymotors. It also supports and/or confirms what I found the other day with javascript based buttons and links leading to phishing/login pages. I may have been on one of the same pages, but not been affected the same way due to how I have my browser set up?

At any rate, take note. ebay is not safe! The lack of safety is compounded by lack of any recourse and/or accountability.

Please note I've made the links unclickable. Don't try to visit them, no way of telling what may happen if you do. The forums.ebay.com embedded images /urls are probably safe.

Scam or Virus? Something fishy.. Please comment

Apr 11, 2013 12:23 AM

Here's the story:

 

I was doing a search on Ebay for a camera and saw a deal I was interested in. I clicked on the photo and it led me to this page

 

(embedded image)

http://forums.ebay.com/servlet/ImgServlet?mx=300&attachImage=true&contentType=image/png&attachment=5200085653&crop=false

Everything seems normal until somehow the page reloaded itself and I noticed that the web address has changed from hxxtp://www.ebay.com/itm/CANON-EOS-1D-MARK-IV-16-1-MP...... to hxxp://nauk2paw2.com/ws/eBayISAPl.php?ViewItem&item=321105524769&seller=bkmoores

 

Is nauk2paw2.com an Ebay address?

 

Here's the screenshot of the new page

 (another embedded image)

http://forums.ebay.com/servlet/ImgServlet?mx=300&attachImage=true&contentType=image/png&attachment=5200085654&crop=false

 

I tried accessing this item using my PC laptop, Mac and tablet and the same thing kept happening.

I tried to click Buy Now and it asked me to Log In again and the only payment option is a bank transfer, not Paypal

Is this something normal or was Ebay's security compromised?

Please help.

 

Scam or Virus_ Something fishy__ Please comment_20130411_480.png



Attachments
__________________

Exposing the sleazery of ebaY and PayPal
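
Added example, not part of the original posts: the redirect quoted above lands on a host outside ebay.com, and its path token `eBayISAPl` ends in a lowercase L where eBay's classic endpoint name eBayISAPI ends in a capital I. The sketch below flags both signs without fetching anything; the trusted-domain set, the finding labels and the constructed sample URLs are assumptions of this example.

```python
import re
from urllib.parse import urlsplit

# Assumption for this example: the only registrable domain treated as eBay's.
TRUSTED_DOMAINS = {"ebay.com"}
# Path token of eBay's classic CGI endpoint (eBayISAPI.dll), lowercased.
# Entries must be unchanged by skeleton() below.
BRAND_TOKENS = {"ebayisapi"}
# Fold characters that are commonly swapped to imitate another letter.
FOLD = str.maketrans({"l": "i", "1": "i", "|": "i", "0": "o"})


def refang(url: str) -> str:
    """Undo hxxp/hxxtp defanging for parsing only; nothing is fetched."""
    return re.sub(r"^hxxt?p", "http", url.strip(), flags=re.I).replace("[.]", ".")


def skeleton(text: str) -> str:
    return text.lower().translate(FOLD)


def host_is_trusted(host: str) -> bool:
    host = host.lower().rstrip(".")
    # Match on a label boundary so "notebay.com" and "ebay.com.x.test" fail.
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


def assess(url: str) -> list[str]:
    parts = urlsplit(refang(url))
    host = parts.hostname or ""
    if parts.scheme not in ("http", "https") or not host:
        return ["unparseable"]
    findings = []
    if not host_is_trusted(host):
        findings.append("untrusted-host")
        if "ebay" in skeleton(host):
            findings.append("brand-in-untrusted-host")
    for token in re.findall(r"[A-Za-z0-9|]+", parts.path):
        # Same skeleton as a brand token but different spelling: a lookalike.
        if token.lower() not in BRAND_TOKENS and skeleton(token) in BRAND_TOKENS:
            findings.append("lookalike-path")
            break
    return findings


if __name__ == "__main__":
    # First URL is copied (still defanged) from the quoted post; second is constructed.
    for s in ("hxxp://nauk2paw2.com/ws/eBayISAPl.php?ViewItem&item=321105524769&seller=bkmoores",
              "https://www.ebay.com/itm/123456789012"):
        print(s, "->", assess(s) or "no findings")
```
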

 



Top Poster

Status: Offline
Posts: 3757
Date:

Yesterday evening I found yet another hijacked/ hacked account, koulithegreek so I thought I might just tweet it out to the head monkey in charge, as it were.

 

@Tallboy6 Trade with hacked Canadian ebaY sellers: Does your internet tax plan address that? bit.ly/11RYjCr pic.twitter.com/FZbtzot5BT

 

Tonight I go look again and the listings are still there, only the hosting site where the hacker's images, including the contact me at bla blah has gone down. This batch had the name lany.ebay at you know where dot com as contact info.

I'm guessing that ebay needs those fvf's and the ad revenue. LoLz

Rogers BBC LS3 5A Monitors 15 Ohm So 2470 A B hacked_images_gone_eBay_20130425_360.png

 

Keep up the great work, ebaY.

Twitter / Cappnonymous: @Tallboy6 Trade with hacked ...
https://twitter.com/Cappnonymous/status/327249993503236098/photo/1



Attachments
__________________

Exposing the sleazery of ebaY and PayPal

 



Top Poster

Status: Offline
Posts: 3757
Date:

Here we go, as I pointed out on tweeter:

https://twitter.com/Cappnonymous/status/329744743548452865

Look what I found on ebay! (Zero) feedback rated seller Hacked! LoLz @ebay #fraud filters pic.twitter.com/oqfpq3HawW

 



__________________

Exposing the sleazery of ebaY and PayPal

 



Top Poster

Status: Offline
Posts: 3757
Date:

A development with the fraud listings which is troubling for a couple reasons.

First off, this one may not actually be hacked, but a dedicated account just opened by the member russbutl on May 8th 2013. Much like the one I posted the tweet about above. This particular item/identical photo etc has been used very recently for scam listings.

Second, notice there isn't any image or text with outside contact instructions in the listing?

Third, for whatever reason, the small "beacon" icon indicating the member/seller is brand new, while showing on the seller list and fb pages is absent on the listing page.

The paypal logo is flying as payment method, along with that glorious "rock solid guarantee" of ebay buyer protection.

What may well be the case here is that the scammer has a fake paypal account to take the payment on, or perhaps hijacked/hacked/taken over someone else's? At any rate, they seem ready willing and able to take paypal payment.

That seems to be a risky combination of variables for would-be buyers/bidders

 

HQ 18 Avante Handi Quilter Long Arm Quilting Machine Frame with EXTRAS__20130509_480ce.png

 

 

oh yeah, can't let this go by without mention. ^ notice that entirely fake "people who bought this also bought..." showing up everywhere, even (or mostly) places/listings where nothing sold!. wow lmao

 

Feedback_sellerlistr russbutl_20130509_480cce.png

 

(see my tweetstream for some of the latest on the fake ebay and paypal accounts for sale problem. It may be more like pandemic than epidemic by now.)

 

There was also another similarly recently registered account, robcar234 ( 0 ) that had listings for items like that, but with the contact info image. Those are now removed, yet the account remains active/ in good standing w/e. Visual documentation available upon request.

 

 

Update:

bwhahaha I'm looking at this russbtl's listings. Now showing is a contact instructions image, with the text to contact robcar234 at g-mail. By adding to the listing, as opposed to revised.

Hilarious!

For whatever reason I guess they couldn't add the image to the original listing or revise it? technical issue, maybe just forgot or whatever?

Here's the url of that image

http://www2.picturepush.com/photo/a/12897645/1024/Picture-Box/5trtrh.jpg

 

The fake paypal (and ebaY) account issue still remains. Maybe not on these particular listings, but overall. I can tell you there is a great deal of interest in them.



-- Edited by budnonymous on Sunday 12th of May 2013 10:02:18 AM

Attachments
__________________

Exposing the sleazery of ebaY and PayPal

 



Top Poster

Status: Offline
Posts: 3757
Date:

Just a quick reminder that the hijacked and/ fraud listings are continuing..

I've seen hijacked accounts and the dedicated zero feedback new users listing the high fraud items, and ebay's crack security team at work. A couple examples:

here a zero FB seller with obvious fraud listings:

still live as of this moment

gmaster301_fraud_listings_20130622_480.png

 

 

Here another ridiculous look at how sleazebay polices its site (that is to say they don't) LoLz!

Roland Printer Cutter SP540-V_hacked_search_LoLz_20130617_480.png

 

LoLz!

 

The names and the dates have changed, but the song remains the same....

Enjoy!

 

 



Attachments
__________________

Exposing the sleazery of ebaY and PayPal

 



Top Poster

Status: Offline
Posts: 3757
Date:

Haven't updated this in a while because it would be easier to mention when ebay was NOT being hacked!

Let's start off with this:

eBay hack sends victim into debt collection nightmare

 ^ This lady had her dormant ebay account hijacked, whereupon sleazebay and their debt collectors came after her like rabid Hyenas to the tune of thousand$. If you have an ebay account you do not use, make sure to close it out or fix your bank account and credit card accounts so that ebay/paypal cannot withdraw from them. Ebay recently changed the billing language in their user agreement so as to allow them to deduct from your attached payment methods, as well as the collections parts of it.

 

Also, pretty easy to consider the ownership of the ebay forums by escort service/call girls and other spammers, as a hack job, since they are scooting right by whatever forum moderation filters may (or may not ) be in place. It's hilarious! They are even using intimidation tactics now to silence users who want a clean forums.

 

ebaY Community Forums Under Spam Attack

 

 

Now just a sample of the account take-overs, they have not missed a beat. Notice the high-end items, the amount of them, the rapidity with which they were listed, the immediacy of visibility.

Clearly the hackers have abilities to bypass whatever filters, policies etc which 'regular' ebay members do not have.

You will note the hacker's MO is basically the same, yet ebay is unable to defeat that challenge after all this time... hmmm

 

Tonight's seller/victim: professional_sports_authenticators

 

2013 Cannondale Scalpel 29ER 1

 

2013 Cannondale Scalpel 29er 1 I eBay_hacked_10112013_480c.png

 

 

 

Victim/Seller's list in the Trading Cards category, where it looks like the bulk of the fraud listings were placed. Everything you see which is NOT a Trading card there is most likely fraud. Once again, hackers get around whatever category suggestions/restrictions ebaY may have.. Many times they are able to list duplicate high end items, in so-called "high fraud" categories, sometimes hundreds if not thousands... hmmm...

 

professional_sports_authenticators in CollectiblesTrading CardsI eBay_10112013_360.png

 ^ oops, forum resizes. Full page screencap available upon request

 



Attachments
__________________

Exposing the sleazery of ebaY and PayPal

 



Top Poster

Status: Offline
Posts: 3757
Date:

Looky here! Shooting star level victim

soniac37 (10517)

soniac37_hacked_Musical Instruments & Gear_eBay_15112013_640c.png

 

 

Pink Guitar Signed by Jason Aldean_ eBay_hacked_15112013_480c.png

I shore do like that pink guitar. Aint it purty? it's been on ebay about a million times now. Along with all the other stuff. You'd think they would have been watching for it all, eh?

Golly gee, why oh why didn't ebaY's purported staff of thousands along with their magical software catch that?

Is anyone truly that incompetent?

Took about 30 seconds flat to find that.

Gee, you don't suppose they were making false statements regarding the immensity of their security staff and quality of their technology in all the recent press we've seen do you?

You see what else is odd? No delays, no limitations, no nothing.

Chopped Victoriously, or Insider Assisted, maliciously?

Other than that, what else could it be?



-- Edited by budnonymous on Friday 15th of November 2013 10:28:02 PM

Attachments
__________________

Exposing the sleazery of ebaY and PayPal

 
