Smart Trojan Targets eBay Users


It seems like people that make malware are getting more specific nowadays, the are no longer writing random self-propagating worms or trojans just for the sake of knowledge or notoriety.

Far more common nowadays is malware for specific purposes to capture login or banking details for certain sites or organisations.

This time it’s a custom trojan targetting eBay users.

eBay users are being targeted by an advanced Trojan that attempts to redirect traffic so it can silently bid on a car from the auction site’s car section, Symantec is warning. It is the latest security headache for eBay, which has faced an onslaught of complaints from some users who say fraud on the site has increased to unacceptable levels over the past few months.

eBay officials are aware of the Trojan and are working with Symantec to prevent it from affecting buyers and sellers, a spokeswoman said.

It seems to be a combination of phishing and malware rolled into one to grab details from eBay users.

Trojan.Bayrob implements a proxy server so that traffic intended for eBay is instead sent to one of several sites controlled by the attacker. Traffic is redirected by changing settings corresponding to at least six eBay URLs in the victim’s hosts file. Once connected to rogue servers, Bayrob is programmed to download configuration data, including a variety of php scripts.

At least one of the scripts, Var.php, downloads variables such as tokenized versions of eBay pages designed to dupe a victim into thinking they are legitimate. One such page spoofs eBay’s “Ask a question” section, which allows prospective buyers to – wait for it – ask sellers questions.

As always do be on guard.

Source: The Register

Posted in: Malware, Web Hacking, Windows Hacking

, , ,


Latest Posts:


GitLab Watchman - Audit Gitlab For Sensitive Data & Credentials GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials
GitLab Watchman is an app that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally, this includes code, commits, wikis etc
GKE Auditor - Detect Google Kubernetes Engine Misconfigurations GKE Auditor – Detect Google Kubernetes Engine Misconfigurations
GKE Auditor is a Java-based tool to detect Google Kubernetes Engine misconfigurations, it aims to help security & dev teams streamline the configuration process
zANTI - Android Wireless Hacking Tool Free Download zANTI – Android Wireless Hacking Tool Free Download
zANTI is an Android Wireless Hacking Tool that functions as a mobile penetration testing toolkit that lets you assess the risk level of a network using mobile.
HELK - Open Source Threat Hunting Platform HELK – Open Source Threat Hunting Platform
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing etc
trape - OSINT Analysis Tool For People Tracking Trape – OSINT Analysis Tool For People Tracking
Trape is an OSINT analysis tool, which allows people to track and execute intelligent social engineering attacks in real-time.
Fuzzilli - JavaScript Engine Fuzzing Library Fuzzilli – JavaScript Engine Fuzzing Library
Fuzzilii is a JavaScript engine fuzzing library, it's a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language.


One Response to Smart Trojan Targets eBay Users

  1. Daniel June 4, 2007 at 9:07 am #

    ive customized some trojans to do everything from steal iTunes accound info to digg stories