Latest research from Aladdin Content Security Response Team ties phishing to attack, as well as possible targeting of UK eBay accounts
September 06, 2007: 05:56 PM EST
CHICAGO, Sept. 6 /PRNewswire-FirstCall/ -- Aladdin Knowledge Systems today announced that the Aladdin eSafe Content Security Response Team (CSRT) has uncovered significant new details surrounding the eBay botnet attack it first discovered on Monday.
The attack, which is one of the first of its kind to employ extremely complex, multi-stage attack methods, performs a distributed and covert brute force attack on eBay accounts in an effort to obtain personal information and/or items sold/purchased via the eBay site. Two new details provided by the Aladdin eSafe CSRT were made available this afternoon:
Threat employs phishing - Aladdin researchers identified cases where victims have entered their credentials in phishing sites controlled by the attackers, giving further opportunity for the attackers to quickly gain access to an even larger number of accounts. The phishing operation appears to be ongoing and continues to collect user information. Aladdin researchers have validated cases in which the botnet collected active eBay account details.
Potential UK focus - Aladdin security specialists have identified that a high percentage of the threat's efforts are targeted specifically at UK-based eBay account holders. The Trojan appears to separate its handling of accounts, distinguishing between accounts inside and outside of the United States.
"Through new infection and attack methods, this targeted threat shows that Trojans are continuing to evolve into extremely dynamic, adaptive tools for online criminals, resulting in a potentially damaging aftermath for its individual victims," said Ofer Elzam, director of product management for the Aladdin eSafe Business Unit and head of the Aladdin eSafe CSRT. "This eBay botnet attack is unique, and definitely not found through traditional security measures. Aladdin's innovative security specialists are closely monitoring this new threat and are notifying the Web sites we determine are infecting Web surfers."
eBay Botnet Attack
First discovered by the Aladdin eSafe CSRT, the first-of-its-kind threat uses a sophisticated Trojan that infects visitors of hacked Web sites worldwide. It then uses infected computers to conduct a sophisticated distributed attack on eBay accounts in an effort to steal personal financial information and potentially alter settings that can place sold items in the wrong hands. Aladdin researchers estimate the threat has gone undetected for several days and that hundreds of popular Web sites, regardless of local language or geography, could be affected and are still infecting visitors.
Continued momentum has been logged by the Aladdin eSafe CSRT, citing research gained through Aladdin's eSafe SecureSurfing solution -- a solution deployed by ISPs to block malware before it reaches their customers. The Aladdin CSRT continuously monitors online security events discovered by the SecureSurfing service in search of further details surrounding this complex threat.
About Aladdin eSafe
Aladdin eSafe protects against Web-based malware and zero-day threats through an in-line, wire-speed secure Web gateway featuring powerful anti-spyware, application level controls, and URL filtering. eSafe also controls spam and inspects SMTP and POP3 traffic through a proactive email security gateway. Visit http://www.Aladdin.com/eSafe.
About Aladdin
Aladdin Knowledge Systems' Software Rights Management products are the #1 choice of software developers and publishers to protect intellectual property, increase revenues, and reduce losses from software piracy. Aladdin eToken is the world's #1 USB-based authentication solution. The Aladdin eSafe secure Web gateway provides the most advanced protection against the latest Web-based threats and attacks. Aladdin has offices in 12 countries, a worldwide network of channel partners, and has won numerous awards for innovation. For more information, visit the Aladdin Web site at http://www.Aladdin.com.
(C)2007 Aladdin Knowledge Systems, Ltd. All rights reserved. eSafe, Aladdin Knowledge Systems and the Aladdin logo are trademarks or registered trademarks of Aladdin Knowledge Systems, Ltd. All other product and brand names mentioned in this document are trademarks or registered trademarks of their respective owners
Press Contact: Matthew Zintel, Zintel Public Relations, matthew@zintelpr.com, 310.574.8888
Investor Relations Contact: Mark Jones, Global Consulting Group, mjones@hfgcg.com, 646.284.9414
A second sophisticated Web-based attack against eBay and its users is being investigated by a Tel Aviv-based security vendor that discovered a recent similar attack.
Ellen Messmer, Network World
Yet another sophisticated Web-based attack against eBay and its users is being investigated by a Tel Aviv-based security vendor that discovered a similar attack two months ago involving a custom-made bot designed to steal accounts.
Ofer Elzam, Aladdin Knowledge Systems' director of product management, says his firm has determined in the last few days that at least two Web sites, one called Save Our Planet and another called Nova Radio, appear to have been compromised with malicious code that combines to launch an attack against a site visitor. The goal of the attack is to combine code to break in through the browser to the victim's desktop and install a Trojan to collect eBay user account information, if it's found, and connect to eBay to use that account information to commit fraud.
"There are a chain of sites that work together," says Elzam. "One Web page uses a trick with JavaScript to open a size-zero window, which takes content from a third-party site."
Elzam says Aladdin hasn't yet been able to reach the operators of the Save Our Planet and Nova Radio sites -- and notes that forty more Web sites may be tied to this attack, which is very fluid and changing -- but it has been in touch with eBay.
"The last time we saw this kind of attack, in September, it was from an Israeli labor organization site," says Elzam. He adds that Aladdin has been able to detect the suspicious code mainly because it has a relationship with an Israeli ISP to conduct this type of security monitoring.
The current attack against eBay and its account holders, based on attack code made available through compromised Web sites and triggered by unsuspecting Web visitors, is an epidemic that's becoming a favorite way to conduct cybercrime, Elzam says. "This hopping from site to site makes it very hard to detect," he says.
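For site operators checking their own pages, the "size-zero window" that pulls content from a third-party site can be looked for statically. The following is an added example, not code from Aladdin or from the article; it also covers zero-size iframes, which is a generalization beyond the quoted description, and the sample page, host names and function names are constructed for illustration.

```javascript
// Added example: flag zero-size windows/frames that load content from another host.
// SAMPLE_PAGE and every host name below are constructed for illustration.
const SAMPLE_PAGE = `
<html><body>
<iframe src="/widgets/weather.html" width="300" height="200"></iframe>
<iframe src="http://cdn.example.net/frame.html" style="width:0;height:0"></iframe>
<script>window.open("http://stats.example.org/load.html", "", "width=0,height=0");</script>
<script>window.open("/help.html", "help", "width=400,height=300");</script>
</body></html>`;

// Read one attribute value from a raw tag string (quoted or unquoted).
function attr(tag, name) {
  const m = new RegExp(`\\b${name}\\s*=\\s*(?:"([^"]*)"|'([^']*)'|([^\\s>]+))`, 'i').exec(tag);
  return m ? (m[1] ?? m[2] ?? m[3]) : null;
}

// Width/height from the HTML attribute, falling back to the inline style.
function dimension(tag, name) {
  const css = new RegExp(`(?:^|;)\\s*${name}\\s*:\\s*([^;]+)`, 'i').exec(attr(tag, 'style') || '');
  return attr(tag, name) ?? (css ? css[1] : null);
}

const isZero = (v) => /^0+(px|%|em)?$/i.test(String(v).trim());

// Host name of `ref` if it resolves to a different host than the page, else null.
function thirdPartyHost(ref, pageUrl) {
  try {
    const host = new URL(ref, pageUrl).hostname;
    return host !== new URL(pageUrl).hostname ? host : null;
  } catch { return null; }
}

function findHiddenThirdPartyLoads(html, pageUrl) {
  const findings = [];
  // Frames rendered with zero width or height whose source is on another host.
  for (const [tag] of html.matchAll(/<iframe\b[^>]*>/gi)) {
    const host = thirdPartyHost(attr(tag, 'src') || '', pageUrl);
    if (host && (isZero(dimension(tag, 'width')) || isZero(dimension(tag, 'height'))))
      findings.push({ kind: 'iframe', host });
  }
  // window.open(url, name, features) calls asking for a zero-size window.
  const openCall = /window\.open\(\s*(['"])(.*?)\1\s*,\s*(['"]).*?\3\s*,\s*(['"])(.*?)\4\s*\)/gi;
  for (const m of html.matchAll(openCall)) {
    const host = thirdPartyHost(m[2], pageUrl);
    if (host && /\b(?:width|height)\s*=\s*0\b/i.test(m[5]))
      findings.push({ kind: 'window.open', host });
  }
  return findings;
}

console.log(findHiddenThirdPartyLoads(SAMPLE_PAGE, 'http://news.example.com/index.html'));
```

A static scan like this only sees literal markup; script that builds the window or frame at run time needs review of the rendered page as well.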
For more information about enterprise networking, go to NetworkWorld. Story copyright 2007 Network World Inc. All rights reserved.