Saturday, October 20, 2007

Ebay users beware, especially when buying cars

There's a new Trojan that has been helping thieves steal from innocent ebay users. It makes fake websites on your infected computer that make the thieves look legit. All you have to do is click on an attachment that looks like it came from ebay and your computer is theirs.
The Trojan installs a scaled-down webserver on an infected machine that masquerades as eBay and several third-party destinations frequently used to sniff out fraudulent offerings, including, and
When a victim browses to one of these sites, the webserver creates a parallel universe of sorts, in which the victim sees counterfeit pages designed to counter fraud protection mechanisms offered by eBay and third-party sites.

"To think that somehow they got software on their system that managed to spoof all the validation sites - that's a shit-scary story," said Roger Thompson, a researcher at Exploit Prevention Labs who specializes in web-based attacks. "It's fiendishly clever."

If you really want to read a scary story, though, it's all about Storm Worm.