Bot network attacks eBay user accounts

Published September 6th, 2007


Israeli security firm Aladdin has reported the discovery of a new bot network that is using brute-force attacks to break into eBay accounts and obtain money. The security experts discovered the bot network on Monday, though it is assumed that the network has been in operation for more than a week.

The unnamed trojan on which the bot network is based is reportedly distributed via hacked websites that have had IFrames injected into them. The attackers then attempt to exploit old security holes in Internet Explorer via malicious content delivered by these IFrames to install the trojan on the victim’s computer. This means of propagation is similar to the one used by the MPack web attack tool. Aladdin states that infected computers – the drones in the bot network – receive an eBay access name and a list of passwords from the operator of the bot network. The trojan then tries to log into the account by using an application programming interface (API) provided by eBay.

The security experts at Aladdin say that they have discovered more than 300 infected websites that spread the trojan. Unconfirmed reports claim that eBay accounts have already been cracked and misused: one Texan’s account has allegedly been manipulated, with the identity of an Englishman inserted in place of the original data. The attacker then attempted to buy items using the account. Furthermore, the user’s PayPal account was reportedly manipulated, possibly to pay for the items ordered.
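Because each drone is handed one access name and a list of passwords, the guesses against an account arrive from many machines, each contributing only a few. The following sketch is an added example, not code from the article or from Aladdin: it shows why counting failed logins per source IP misses this pattern while counting per account catches it. The event layout, thresholds, account names and IP addresses are constructed assumptions.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 600  # assumed sliding-window length

def flag_failures(events, key, threshold, window=WINDOW_SECONDS, min_sources=1):
    """Flag keys ('account' or 'ip') whose failed logins inside a sliding
    window reach `threshold`, coming from at least `min_sources` distinct IPs.
    events: time-sorted tuples (timestamp, account, source_ip, success)."""
    recent = defaultdict(deque)   # key -> deque of (timestamp, source_ip)
    flagged = {}
    for ts, account, ip, success in events:
        if success:
            continue
        k = account if key == "account" else ip
        q = recent[k]
        q.append((ts, ip))
        while ts - q[0][0] > window:      # drop failures older than the window
            q.popleft()
        sources = len({src for _, src in q})
        if len(q) >= threshold and sources >= min_sources and k not in flagged:
            flagged[k] = {"at": ts, "failures": len(q), "sources": sources}
    return flagged

def build_sample():
    """Constructed data: 12 drones each try 2 passwords against one account,
    plus one ordinary user who mistypes once and then logs in."""
    events = []
    for i in range(12):
        for j in range(2):
            events.append((i * 20 + j * 5, "victim_user", f"203.0.113.{i + 1}", False))
    events.append((30, "alice", "198.51.100.7", False))
    events.append((40, "alice", "198.51.100.7", True))
    return sorted(events)

SAMPLE_EVENTS = build_sample()

if __name__ == "__main__":
    # Per-IP counting: no drone ever exceeds two failures, so nothing is flagged.
    print("per IP:     ", flag_failures(SAMPLE_EVENTS, "ip", threshold=10))
    # Per-account counting: the spread of sources is itself the signal.
    print("per account:", flag_failures(SAMPLE_EVENTS, "account",
                                        threshold=10, min_sources=3))
```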




