SAN FRANCISCO--(BUSINESS WIRE)--Online auction site, eBay, is unwittingly selling software that is used to hack eBay user accounts and steal personal information, according to research from online security experts PC Tools.
A number of software items for sale on the worlds leading online auction site contain a variety of programs including keyloggers, trojans and other malware making devices that are aimed at helping users hack computers, websites and even individual user accounts.
Despite eBays excellent reputation for ensuring that it protects both consumer safety and privacy, its almost impossible to police every item, said Mike Greene, VP Product Strategy at online security experts PC Tools.
I am certain that the sale of this sort of software on eBay comes as a surprise to most, but the success eBay has also meant that the worlds leading online auction site can also attract the wrong kind of attention, said Greene.
It is ironic that something intended ultimately to steal a consumers identification and financial information is being sold via what is one of the worlds number one targets for the ID theft, said Greene.
Hacker toolkits that used to be available only on hidden forums are now for sale on eBay, according to security vendor Tier-3.
The development is further evidence of the burgeoning and complex trade network that supports e-crime on the internet, said Geoff Sweeney, chief technology officer at Tier-3.
'High level hacking tools, including surreptitious trojan loaders and Web site hacking utilities, are being put into the hands of almost any internet user,' he said.
The kits are often sold as ethical hacker training courses, but can easily be used for malicious purposes.
We are satisfied that the presence of such an item on the US site is not commonplace, as although we have 100m listings live on the site globally at any one time, we are very effective at removing prohibiting items, often before the listing ends and any sale is completed," said eBay in a statement.
It seems as if this story is picking up steam. Of course you can get the full coverage by visiting my blog at wordpress. There are screencaps and more info than any of the news reports there. B^D
You can now bid on programs covering the full range of hacking software on eBay.
Matthew Sainsbury, Computerworld
Wednesday, September 19, 2007 6:00 PM PDT
Programs covering the full range of hacking software, from Trojans to keyloggers to step-by-step tutorials on how to effectively hack Web sites and personal information have now entered auction house eBay, raising the concern of one security company.
"It's a simple matter of searching for it now" said Magida Ezzat, marketing communications manager at PC Tools.
"It's also very, very cheap - it's possible to even get it for free." Although the programs have become readily available on the Internet outside of eBay, the concern is that eBay is a site accessed by the general public, and the sale of hacking software through it is raising awareness with new audiences. "People don't need to be highly technical to access and use hacking software," Ezzat said.
Although awareness of how to obtain and use hacking software is on the rise, policing and preventing the sale of the software remains difficult.
"For a Web site as large as eBay, policing is a near-impossible task," Ezzat said. Despite this, security-focused Web sites such as eBay are aware of the problem. "Hacking software that was available yesterday has been taken off the auctions today," Ezzat said.
The good news is that hacking software auctions aren't very popular at this stage. A search of the eBay Web site reveals that very few auctions featuring hacking software have any bids.
The good news: hacking software auctions aren't very popular at this stage
September 20, 2007 (Computerworld Australia) -- Programs covering the full range of hacking software, from Trojans to keyloggers to step-by-step tutorials on how to effectively hack Web sites and personal information, are now available on eBay Inc.'s online auction site, raising the concerns of one security company.
"It's a simple matter of searching for it now" said Magida Ezzat, marketing communications manager at PC Tools.
"It's also very, very cheap -- it's possible to even get it for free." Although the programs are readily available on the Internet outside of eBay, the concern is that, since eBay is accessed by the general public, new audiences could become aware of how easy it is to get hacking tools. "People don't need to be highly technical to access and use hacking software," Ezzat said.
Although awareness of how to obtain and use hacking software is on the rise, policing and preventing the sale of the software remains difficult.
"For a Web site as large as eBay, policing is a near impossible task," Ezzat said. Nonetheless, security-focused Web sites such as eBay are aware of the problem. "Hacking software that was available yesterday has been taken off the auctions today," Ezzat said.
The good news is that hacking software auctions aren't very popular at this stage. A search of the eBay Web site reveals that very few auctions featuring hacking software have any bids.
Here we go, see someone else too has searched ebay and found more.
BTW, If anyone wants that stuff for free, just ask. I will show you exactly where to find it all. Would you believe from someone associated with ebay & Paypal in san jose? Believe it.
I have include current adverts for hacking tools for sale on Ebay as of today's date 21 September 2007.
Kits that claim to help people hack into computers have been discovered for sale on the auction website eBay.
Security experts found a selection of CDs, DVDs and programs for sale on eBay that promise to help buyers learn how to break into computers over the net.
One CD - claiming to be on sale "for educational use only" - promises details of how to access other people's computers and contains a selection of programs commonly used for hacking. It is available through the site for £5.99.
Many of the programs form the basic building blocks for computer crime, allowing even inexperienced hackers to find ways to get inside their victims' computers, or of masking their identities.
Although such tools are often downloaded for free or sold on the black market, such trade usually happens in remote corners of the internet.
"This is a serious development," said Geoff Sweeney of the security company Tier-3, which spotted the auctions. "It basically puts high level hacking tools ... into the hands of almost any internet user."
Programs for sale include "email bombers" - used to send thousands of spam messages, often containing viruses - and software that can be used to crack open protected files and passwords.
The above article points to these three items. The author may not realize that ebay will make all that evaporate, leaving his work to look bogus.
The screencaps are full sized images. Click to expand them if need be.
Hacker toolkits - which were previously confined to specialist hidden forums on the Internet - are now being sold openly on auction sites such as eBay, for as little as $20. Where previously would-be hackers had limited access to the hacker forums and source the kits, the fact that they are now on open sale on eBay is very worrying.
The hacker kits are usually sold on eBay as ethical hacker training courses, but the courses also include a wealth of utilities for "educational purposes".
"This is a serious development," said Geoff Sweeney, Tier-3's CTO." It basically puts high level hacking tools, including surreptitious trojan loaders and Web site hacking utilities, into the hands of almost any Internet user - including novices - providing they have an eBay and Paypal account," said Sweeney.
"This is really bad news for companies of all sizes, as it means they have to be extra-careful on the IT security front. As we've said before, companies can no longer rely on a single line of defence for their IT resource and now need to consider extending their security umbrella to include behavioural analysis technology," he said.
"Only then can they have a safety net capable of intercepting both known and unknown electronic attacks on their IT systems," he added
Hacking kits, enabling criminals to break into personal email and bank accounts, are being sold on eBay, online security experts have warned.
Anyone wanting to obtain private information from a computer can buy the spying software for as little as £10.
The warning, from PC Tools, suppliers of computer security products, follows a report that internet crime has become a major commercial activity worth billions of pounds.
Launched in Britain in 1999, eBay is the most visited commercial site in the UK. Some 15?million people have registered with the online auction house, buying and selling everything from soap to Honda motorbikes.
But PC Tools has discovered that users can also buy DVDs loaded with hacking programmes. These include trojans, a type of virus that lets hackers obtain passwords by logging keystrokes.
The virus is presented to its receiver as an apparent gift, often an email which masquerades as an image or joke.
Mike Greene, the vice-president of product strategy at PC Tools, urged people to watch for fake emails in inboxes.
"Everyone is quick to point the finger at China and Russia when it comes to websites selling spyware and hacking kits but what about eBay?
"There are regular sellers purchasing hacking kits that include spyware and tell you how and where to use them," he said.
"While eBay makes every effort to ensure its auctions are safe and law-abiding, it is almost impossible to police every item."
An eBay spokesman said it monitored the site to ensure illegal items were not sold. "We have strict rules permitting only lawful and legitimate sales and a huge amount is done to ensure that these are upheld," he said.
He added that illegal spy software rarely appeared on the site. "Although we have 100million listings at any one time, we are very effective at removing prohibited items."