Wednesday, 5 September 2007
Now eBay Becomes Botnet Target
|
| |
According to a Israeli security company, eBay, the world’s biggest online auction site has become the target of identity thieves who are stealing login and account details of users... |
| |
|
| |
According to a Israeli security company, eBay, the world’s biggest online auction site has become the target of identity thieves who are stealing login and account details of users.
According to security expert, Ofer Elzam, the attacks may have started as sometime in early August. "My best estimate is that there are at least 300 compromised sites. "These sites are compromised by SQL injection vulnerabilities, and then IFrame attack code is inserted," Elzam said.
He said the botnet is being used to call an eBay application-programming interface (API) with a couple of possible usernames and passwords. The API then allows the Trojan horse-infected PC to communicate directly with the eBay database using XML-formatted code. |
| |
|
|
| |
|
|
| |
|
|
| |
|
