Once again, 'Vladuz' impales eBay defenses

Getting ridiculous


For at least the third time in as many months, a malicious hacker has gained unauthorized access to parts of eBay's network despite the best efforts of the company's security team to fortify its system against the embarrassing breaches.

A miscreant who went by a variation of the name Vladuz was able to secure credentials reserved for employees of eBay and post on at least two of the company's forums, including (ironically) one dedicated to trust and safety. The intrusion, like the others preceding it, is fueling suspicions that eBay suffers from systemic security problems, contrary to the online auctioneer's assurances that the hacker hasn't breached servers that store customer records and other sensitive data.

Over the past two months, the volatility in the number of auctions being posted and then pulled has skyrocketed. Critics say the spike is a result of a security hole in eBay's system that allows cyber-crooks to take over established accounts at will and post a flurry of fraudulent auctions. Once eBay's security team catches wind of the scams, the postings are removed, creating the sudden declines in listings.

eBay spokeswoman Nichola Sharpe said company security employees are taking measures to put a stop to Vladuz's intrusions. "We are in the process of putting lots of behind-the-scenes things in place to stop him," she said. "We're as confident as we can be" that the measures will work. Sharpe said members of the security team know exactly how the perpetrator is breaching the network. She declined to describe that method or to elaborate of the fixes being implemented.

There is no evidence today's breach was any different from previous times, when the hacker was able to penetrate servers that administer employee email and possibly other functions such as an intranet, Sharpe said. She was emphatic that the intruder has never accessed more sensitive parts of the network.

Those assurances have done little to assuage a small but vocal group of users who say fraud is running rampant on eBay. Indeed, just prior to the most recent breach, some forum participants were bemoaning the exploits of Vladuz and what they claimed was eBay's inability to fix the problem and its refusal to acknowledge it publicly.

"We have to be very patient until these problems rise high enough to get some attention by the wide public," a user with the handle thorbenhauer wrote at 10:24 AM German time. "And even then eBay will still stick to their good old tactics: plausible deniability, disposing every bit of proof they can lay their hands on and accuse others of misinformation." At noon, a posting appeared with the pink banner that is supposed to be reserved for official eBay representatives. Quoting part of thorbenhauer's message, the impostor, who used the nick vladuzpower, responded: "Turn on CNN on march 15, you might have a surprise, however I'm not promising anything." He didn't elaborate. The intruder also made pink postings on a US-based forum, Sharpe said.

Today's exploit is only the latest headache for eBay security personnel. Last week, an eBay user posted the personal information of at least 15 people, including first and last names, social security numbers, mother's maiden names, addresses, phone numbers, bank account numbers and credit card numbers. A call to one of the names listed confirmed that the information was accurate.

It was unclear how last week's poster, who did not log in as an eBay employee, acquired the information. eBay does not collect much of the data posted, so it's safe to assume at least some of it originated from a source other than the online auctioneer. ®


Other stories you might like

  • It's primed and full of fuel, the James Webb Space Telescope is ready to be packed up prior to launch

    Fingers crossed the telescope will finally take to space on 22 December

    Engineers have finished pumping the James Webb Space Telescope with fuel, and are now preparing to carefully place the folded instrument inside the top of a rocket, expected to blast off later this month.

    “Propellant tanks were filled separately with 79.5 [liters] of dinitrogen tetroxide oxidiser and 159 [liters of] hydrazine,” the European Space Agency confirmed on Monday. “Oxidiser improves the burn efficiency of the hydrazine fuel.” The fuelling process took ten days and finished on 3 December.

    All eyes are on the JWST as it enters the last leg of its journey to space; astronomers have been waiting for this moment since development for the world’s largest space telescope began in 1996.

    Continue reading
  • China to upgrade mainstream RISC-V chips every six months

    Home-baked silicon is the way forward

    China is gut punching Moore's Law and the roughly one-year cadence for major chip releases adopted by the Intel, AMD, Nvidia and others.

    The government-backed Chinese Academy of Sciences, which is developing open-source RISC-V performance processor, says it will release major design upgrades every six months. CAS is hoping that the accelerated release of chip designs will build up momentum and support for its open-source project.

    RISC-V is based on an open-source instruction architecture, and is royalty free, meaning companies can adopt designs without paying licensing fees.

    Continue reading
  • The SEC is investigating whistleblower claims that Tesla was reckless as its solar panels go up in smoke

    Tens of thousands of homeowners and hundreds of businesses were at risk, lawsuit claims

    The Securities and Exchange Commission has launched an investigation into whether Tesla failed to tell investors and customers about the fire risks of its faulty solar panels.

    Whistleblower and ex-employee, Steven Henkes, accused the company of flouting safety issues in a complaint with the SEC in 2019. He filed a freedom of information request to regulators and asked to see records relating to the case in September, earlier this year. An SEC official declined to hand over documents, and confirmed its probe into the company is still in progress.

    “We have confirmed with Division of Enforcement staff that the investigation from which you seek records is still active and ongoing," a letter from the SEC said in a reply to Henkes’ request, according to Reuters. Active SEC complaints and investigations are typically confidential. “The SEC does not comment on the existence or nonexistence of a possible investigation,” a spokesperson from the regulatory agency told The Register.

    Continue reading

Biting the hand that feeds IT © 1998–2021