ebaY malware alert! Google Safe Browsing Tool

budnonymous · Top Poster

ebaY malware alert! Google Safe Browsing Tool

budnonymous · Top Poster

It's getting worse! Now showing:

Malicious software includes 74 scripting exploit(s), 3 trojan(s).

Malicious software is hosted on 6 domain(s), including cosplaywig.com/, diabetic-wound.com/, 4safe.in/.

5 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including rubux.biz/, mat-esales.com/, auktionpower.com/.

Uploaded with ImageShack.us

hacked, cracked, zombied, and pwned!

budnonymous · Top Poster

Just a reminder that ebaY is still loaded with malware and drive-by-downloads etc. Hardly a day has gone by when it wasn't found on the site.

Uploaded with ImageShack.us

Think it's bad now? Just wait until Donahoe's glorious "project adfarmbay' is complete, as they've been infected by malware/spyware/adware from 3rd party ads before ... LoL!

budnonymous · Top Poster

It's getting worse and worse...

What is the current listing status for ebay.com?

This site is not currently listed as suspicious.
Part of this site was listed for suspicious activity 26 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 224752 pages we tested on the site over the past 90 days, 117 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2012-07-17, and the last time suspicious content was found on this site was on 2012-07-17.
Malicious software includes 10 trojan(s), 9 scripting exploit(s).
Malicious software is hosted on 23 domain(s), including charityairsupport.org/, 178.162.167.0/, confeccioneschurata.com/.
30 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including clazzio.us/, charityairsupport.org/, onmouseup.info/.
This site was hosted on 30 network(s) including AS11643 (EBAY), AS20940 (AKAMAI), AS4436 (AS).

budnonymous · Top Poster

She's still showing plenty of issues including scripting exploits. That means redirects.

But in case you missed it, they finally have been getting flagged by Firefox (with the "Attack site" page) too on at least a few stores/pages. Here's an example.

budnonymous · Top Poster

Welcome to tonight's CAPP forum inside joke.

.... ebay sent me an email about google safe browsing page....

rotflmao!!!!

Why don't you just post an announcement? bwhahahahahhaha!

You know what sleazebaypal?
There aren't even words suitable to describe you anymore. I could try to make some up ... How about... uh... bleeping blimzapped festercluck? lmao

No, I don't think even that says it all. Not even close.

There's likely a simple term which I'm laughing too hard to recall, but it's still music to my ears.

I trust everyone understands what happens when we use a chicken to measure it.

Oh yes, and of course google safe browsing is still showing exploits on ebay. ;p

budnonymous · Top Poster

LoL! I see the problem hasn't gone away. Not by a longshot. Someone got scammed for $8500 and the paid shills are tripping over themselves to defend sleazebay, which is still as infected and unsafe as ever.

Whats Your Chance Of Getting Infected By eBay Malware?

^ Click through to the discussion bds...

edit: This part of the above linked post really irks me

... Liveworld, eBays forum provider and moderator, did remove a post last night below the above that claimed this website was loaded with spyware. Thats a classic shill tactic to scare others. eBay wants you to feel safe shopping on their website, and Im sure they dont want any of their shoppers visiting this site. ...

Yes, ^ they've made numerous wholly false allegations to that extent with regards to any and all sites/personalities/content which/whom have ever criticised or exposed sleazebay.

That may be one (of many) reasons why they have such die-hard critics and enemies.

-- Edited by budnonymous on Monday 18th of February 2013 12:39:11 PM

budnonymous · Top Poster

What is the current listing status for ebay.com?

This site is not currently listed as suspicious.
Part of this site was listed for suspicious activity 38 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 84692 pages we tested on the site over the past 90 days, 523 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-03-22, and the last time suspicious content was found on this site was on 2013-03-22.
Malicious software includes 21 trojan(s), 4 exploit(s).
Malicious software is hosted on 170 domain(s), including quickerchief.com/, mistersiam.com/, 24-verygoods.ru/.
80 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including evergl.com/, lododesign.com/, mahtab.tv/.
This site was hosted on 36 network(s) including AS11643 (EBAY), AS4436 (AS), AS2914 (NTT).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, ebay.com appeared to function as an intermediary for the infection of 18 site(s) including stores.ebay.com/HOTRIDEWHEELS_18-TIRES_W0QQfsubZ18/, ownster.com/, stores.ebay.com/HOTRIDEWHEELS_18-TIRES_W0QQcolZ4QQdirZ1QQfsubZ18QQftidZ2QQtZkm/.

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.

Next steps:

Return to the previous page.
If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.

Updated 3 hours ago

budnonymous · Top Poster

05-04-1013

https://www.google.com/safebrowsing/diagnostic?site=http://ebay.com

What happened when Google visited this site?

Of the 92911 pages we tested on the site over the past 90 days, 355 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-05-04, and the last time suspicious content was found on this site was on 2013-05-03.
Malicious software includes 22 trojan(s), 8 exploit(s).
Malicious software is hosted on 73 domain(s), including quickerchief.com/, 24-verygoods.ru/, jewelryatoz.com/.
65 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including mahtab.tv/, lododesign.com/, truck-fever.com/.
This site was hosted on 33 network(s) including AS11643 (EBAY), AS4436 (AS), AS20940 (AKAMAI).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, ebay.com appeared to function as an intermediary for the infection of 20 site(s) including stores.ebay.com/HOTRIDEWHEELS_18-TIRES_W0QQfsubZ18/, stores.ebay.com/HOTRIDEWHEELS_18-TIRES_W0QQcolZ4QQdirZ1QQfsubZ18QQftidZ2QQtZkm/, ebay.be/.

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.

budnonymous · Top Poster

And in case you haven't seen it yet, Paypal has also been showing infected for a while now:

Check the page yourself: https://www.google.com/safebrowsing/diagnostic?site=http://www.paypal.com

Do you trust ebay and paypal to alert you to obvious critical safety issues?

What is the current listing status for www.paypal.com?

This site is not currently listed as suspicious.

What happened when Google visited this site?

Of the 4402 pages we tested on the site over the past 90 days, 50 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-05-03, and the last time suspicious content was found on this site was on 2013-05-02.
Malicious software includes 48 trojan(s), 36 exploit(s).
Malicious software is hosted on 9 domain(s), including 91.213.126.0/, rgpsales.com/, delveaudio.com/.
8 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including rgpsales.com/, ccselecta.it/, delveaudio.com/.
This site was hosted on 24 network(s) including AS4436 (AS), AS20940 (AKAMAI), AS2914 (NTT).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, www.paypal.com did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.

budnonymous · Top Poster

And once more...

https://www.google.com/safebrowsing/diagnostic?site=http://ebay.com

(additional emphasis mine)

Safe Browsing

Diagnostic page for ebay.com

What is the current listing status for ebay.com?

This site is not currently listed as suspicious.
Part of this site was listed for suspicious activity 70 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 95988 pages we tested on the site over the past 90 days, 196 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-07-07, and the last time suspicious content was found on this site was on 2013-07-02.
Malicious software includes 22 trojan(s), 9 exploit(s), 1 scripting exploit(s).
Malicious software is hosted on 47 domain(s), including jewelryatoz.com/, 24-verygoods.ru/, wearelegendary.com/.
36 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including mahtab.tv/, two2readblog.com/, timedesign.de/.
This site was hosted on 35 network(s) including AS11643 (EBAY), AS4436 (AS), AS2914 (NTT).
(more at poage)

And don't forget, paypal looks to be infected too. just change the google safe browsing url to paypal.com ^
Now shows a mere 115 trojans. LoL!

Just to remind everyone [again] about past (and typical) ebaY security achievements...
pay careful attention...
Malware was served up from ebay's own servers/pages for many months. All along the way there were reports of the malware and reassurances by ebay staffers. People who chose to trust them got owned.
Red Condor Warns Of Fake eBay Security Alert

budnonymous · Top Poster

After a short while with little to no detections, ebaY again shows issues:

(Ahem, Paypal too )

What is the current listing status for ebay.com?

This site is not currently listed as suspicious.
Part of this site was listed for suspicious activity 9 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 77648 pages we tested on the site over the past 90 days, 11 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-10-17, and the last time suspicious content was found on this site was on 2013-10-17.
Malicious software includes 20 exploit(s), 17 trojan(s).
Malicious software is hosted on 14 domain(s), including wearelegendary.com/, hilason.com/, 4safe.in/.
4 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including mat-esales.com/, sunsetwebdesign.com/, boutiquevalue.com/.
This site was hosted on 34 network(s) including AS11643 (EBAY), AS31377 (AKAMAI-BOS), AS16625 (AKAMAI-ASN1)

Google Safe Browsing diagnostic page for ebay_com_20131017_640ce.png

See for yourself: paste in new tab or window

https://www.google.com/safebrowsing/diagnostic?site=http://ebay.com