backtop


Print 30 comment(s) - last by Spacecomber.. on Sep 12 at 4:01 PM

A massive brute force attack, lasting for more than a week, threatens to compromise eBay's userbase

If the Monster.com compromise last week got you down, wait until the full details of eBay's current battle come to full light.  It's not been publically confirmed by eBay representatives, but the company is at war with a zombie network.

According to an interview with security experts on eWEEK, the botnet is hammering away at eBay in an attempt to brute force its way into accounts with financial and personal information. Aladdin Knowledge Systems claims this attack has been underway for at least one week.

 

The zombie infection itself seems to be very complex and designed to be loaded in pieces. Apparently 300 or so infected websites are disseminating the virus to visitors that use those websites. The virus then goes out to the web and pulls several pieces of information it needs to attack the eBay accounts.


Aladdin Knowledge Systems claims there are 4 or 5 stages to the Virus to gather everything it needs to launch and participate in the attack. It is currently unknown how many machines are infected and participating in this attack.  Aladdin Knowledge Systems first noticed the botnet attack when it was discovered by their eSafe SecureSurfing product that is marketed to ISP's to monitor and filter infected websites.

 

Additional details, including any database compromises, have not been disclosed.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: myspace as well
By Master Kenobi (blog) on 9/7/2007 8:49:24 AM , Rating: 2
I bet they started each account attack with "password" and I bet they got in on quite a few.


RE: myspace as well
By AlvinCool on 9/7/2007 9:39:03 AM , Rating: 2
I totally agree. If it were me I'l attack with all common passwords then attack again with numbers from 0 - 9 at the end. I would think you could rack up on accounts that way in a short period of time


"We basically took a look at this situation and said, this is bullshit." -- Newegg Chief Legal Officer Lee Cheng's take on patent troll Soverain











botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki