A new Trojan horse has generated a network of zombie computers that is attempting to break into eBay accounts. As eWeek reports, the network—or botnet—is running a distributed brute force attack in order to steal financial information from unwitting eBay users. Aladdin Knowledge Systems, an Israeli security firm, told eWeek the attack has been going on for "at least a week."
Aladdin claims the Trojan that ropes infected systems into the botnet is being disseminated by "up to 300" popular websites that have been hacked. In Israel, for instance, a popular price comparison site and the site of the country's biggest labor union have both been infected.
"It uses so many techniques," [Aladdin eSafe Business Unit Director of Product Management Ofer Elzam] said. It starts by inserting an invisible frame that opens a page that's also obscured from the victim, he said. That page then runs some Ajax and XML script that starts to troll sites, one after another, looking for known vulnerabilities. It downloads some code elements that in turn download other code elements. After four or five stages, it then launches, connects to another server and downloads user name/password name combinations that it uses to attempt to gain access to valid eBay accounts.
"It's very sophisticated and [ever-changing] and can switch sides and move on and infect other sites again with similar attacks," Elzam said.
More worrying yet, eWeek says eBay has yet to respond to Aladdin Knowledge Systems regarding the attack.
|Asus Tinker Board gives the Raspberry Pi 3 a run for its money||7|
|Asus ROG Maximus IX Formula chills with an EKWB waterblock||0|
|Deals of the week: high-powered graphics cards, monitors, and more||5|
|Eurocom Tornado F5 SE mobile server can eat desktops for lunch||6|
|Microsoft releases Pix DX12 tuning and debugging tool for Windows||13|
|Cryorig's QF140 fans offer a choice of silence or performance||15|
|SteelSeries' Apex M500 keyboard reviewed||11|
|Radeon Pro Duo price drops could herald Vega's arrival||24|
|Seagate lets loose 1TB and 2TB Enterprise hard drives||20|