EBay auction tool Web site infected with malware
A Trojan horse lurking on servers belonging to Auctiva.com, a Web site offering eBay auction tools, infected people's PCs last week.
The problem became very public when Google's malware warning system kicked in as people tried to browse the site, saying Auctiva was infected with malware. Google will display an interstitial page warning people of certain Web sites known to contain malware.
"It appears the reason these virus alert warnings started showing up on our site is because some of our machines were injected with malware originating in China," according to a post on Auctiva's community forum. "The malware we believe to be at fault has also hit a number of other high-profile websites over the past six months."
It appears that the malware targeted Microsoft's Internet Explorer browser. Auctiva recommended using Firefox, as that browser is "less susceptible to this sort of malware than Internet Explorer."
"Found eight trojans on my system that seemed to have snuck through my on-access protection, or maybe because, like a fool, I clicked 'ignore the warning' to get to Auctiva's front page," wrote one user on Auctiva's forum.
If Google displays a warning about a dangerous Web site, it still gives people the option of browsing to the site. Auctiva said it was working with Google to ensure the warning is not displayed now that it has cleaned up its servers.
However, people who browsed Auctiva between Thursday and Saturday afternoon until 2 p.m. Pacific time should ensure their machines are not infected. Auctiva recommends clearing the browser cache and deleting all temporary files. Also, Windows PCs should be up to date on patches, and antivirus software should be used, Auctiva said.
IDG News Service
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
security
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
Could have been a victim...
Wow... that was a close one! I recently did a "buy it now" on ebay with a member named "mojitori". He's some guy that claims he lives in Bankok, Thailand yet the items are apparently coming from somewhere inside of Australia.I consider myself to be a pretty bright guy, yet in the midst of finding "the perfect item" for my fiancee, I got careless about where the item was coming from. Usually, I check the seller's positive and negative feedbacks and make sure that it's coming either from the U.S. or Canada. I failed to do this yesterday... and almost paid for it.
While I DID check his feedback (which had only one negative in the last 12 months), I failed to realize that it was coming from somewhere in the other half of the world. Usually, I won't buy from someone like this strictly because I don't want to wait a month just to get an item that I could have found in a store.
So what's the problem? This seller claims that he uses PayPal, but mentions nothing about an "auction tool" called auctiva.com... hmmm, convenient. Regardless of a site I knew nothing about, I went to pay for this item and Google's message popped up. I was quite worried when I saw it, but if you commit to buying an item on ebay, you pay it no matter what. I didn't want my good name tainted on the world's largest internet store site. So, like a fool, I clicked "ignore this warning" and further tried to pay the debt... several times. Unsuccessful every time, I turned to ebay customer support who was no help at all. I also tried to contact the seller and see if there was a way to pay for the item otherwise. But of course, no response. Big surprise, right?
In the end, I think the only thing that saved me was the fact that I switched to Mozilla Firefox a couple of months ago. It is my understanding that Internet Explorer was getting hit a lot harder with Trojans and the like.
Now I just have to keep my fingers crossed and pray that nothing infected my computer. But thanks to this article, if something snuck in... at least I'll know why.