"Wheeeeeeeeeeeeeeeeeeeee" Ebay Hack by "V" continues

Software > E-Commerce > On-Line Auctions > e-Bay

"Wheeeeeeeeeeeeeeeeeeeee" Ebay Hack by "V" continues

By: System Administrator on: Fri 28 of Sep., 2007 09:00 BST (10567 Reads)

(2940 bytes)

EBay's public response to the apparent disclosure of users, ID's, Address's, Phone Numbers and Credit Card numbers included in posts on their Trust and Safety message board at eBay.com on Tuesday Sept. 25th remains limited to just two reports on their blog!

The first of the hackers posts appeared at 5.42 PDT. The posts title included a string of 32 alpha numerical numbers and letters. Subsequent posts towards the end of the attack, prior to the T&S board being completely closed down, included the letters "Wheeeeeeeeeeeeeeeeeeeee" followed by a 6 digit number. The posts when opened appeared to reveal that users personal information as provided by them to eBay.

Members of eBay at their US eBay,:::::.com/db2/thread.jspa?threadID=2000439492&start=0" rel="external nofollow">forum contacted ebays live help support team within a very short period of the first posts appearing, some were alleged to have been told to report the posts individually so that they could be looked into by message board staff. There were eventually around 1200 posts and with their regularity increasing the board was finally closed down. It remains unclear why eBay took over an hour and 12 minutes to finally shut the T&S message board to the public. They have denied that the credit card information included within the T&S board posts was authentic although have admitted that the addresses and other details were legitimate ones.

Some believe that the 32 digit alpha numerical sequence in the posts titles were the eBay data base's unique tag for the particular users ID being posted. As for the posts with "Wheeeee" in the title one can only speculate what the final 6 numbers represented, eBay employees maybe?

So far there have been very few reports in the media on the apparent 25th Sept. hack. Some sources believe that Vladuz was responsible for the attack, a Romanian who claims to have acquired the ability to penetrate the company's perimeter at will.

An eBay user who published a list of affected members to help alert users to those ID's compromised in the attack has since been NARU'd which is an eBay anacronym for, no longer a registered user.

As reported on The Auction Guild in February 2007, a German site Falle-Internet which provides information on online fraud, and scams, in particular ones involving eBay.de, was displaying screen shots provided by V of log in panels which should only be visible to eBay staff. These images have since been removed following emails from ebays legal department.

Earlier today a thread allegedly posted by V on an eBay forum linked to an eBay employees "about me" page which had been altered to display the employees address and email. That page and any relevant links have since been removed but we have screen grabs of both the about me page and the forum entries allegedly posted by V with a hacked user ID!

The link in the forum post pictured above led to the alleged eBay employees "About Me" page pictured below.

The hacked about me page was allegedly "live" online for over 4 hours!

So to summarise it appears that ebays security may have been seriously compromised for sometime and it looks as if it still is!

Or.... It all could be just a clever hoax?

1 comment (Hide)

More info on 32-digit id

on Sun 30 of Sep., 2007 23:58 BST, by Anonymous

The 32-digit id shows up to the public only after the user closes their account and waits the 14/15 days after completing the close account process, UNLESS they have had activity in the last 90 days. After it converts to the 32-digit id, it'll stay searchable in the eBay server publicly for only a brief time, then only eBay will be able to see it and the public won't. If they've had activity in the last 90 days, then it'll just show their id with the NARU notation.

Editing comment

Title (required)
Toolbars
Comment (required)	The 32-digit id shows up to the public only after the user closes their account and waits the 14/15 days after completing the close account process, UNLESS they have had activity in the last 90 days. After it converts to the 32-digit id, it'll stay searchable in the ebay server publicly for only a brief time, then only ebay will be able to see it and the public won't. If they've had activity in the last 90 days, then it'll just show their id with the NARU notation.
Anti-Bot verification code:
Enter the code you see above:
Enter your name (optional)
Post new comment

Category: e-Bay

article:

Wiki Help
Plugin Help

Wiki Syntax

Wiki Syntax
Bold text __text__
Italic text 2 single quotes ('). ''text''
Underlined text ===text===
Colored text ~~#FFEE33:text~~ or ~~yellow:text~~. Will display using the indicated HTML color or color name. Color name can contain two colors separated by a comma. In this case, the first color would be the foreground and the second one the background.
Deleted text 2 dashes "-". --text--
Headings !heading1, !!heading2, !!!heading3
Show/Hide !+, !!- show/hide heading section. + (shown) or - (hidden) by default.
Autonumbered Headings !#, !!#, !+#, !-# ...
Table of contents {toc}, {maketoc} prints out a table of contents for the current page based on structures (toc) or ! headings (maketoc)
Horizontal rule ----
Text box ^Box content^
Centered text ::text::
Dynamic variables %Name% Inserts an editable variable
External links use square brackets for an external link: [URL], [URL\|link_description],[URL\|link_description\|relation] or [URL\|description\|relation\|nocache] (that last prevents the local Wiki from caching the linked page; relation can be used to insert rel attribute for the link - useful e.g. for shadowbox). For an external Wiki, use ExternalWikiName:PageName or ((External Wiki Name: Page Name))
Square Brackets Use [[foo] to show [foo].
Wiki References JoinCapitalizedWords or use ((page)) or ((page\|description)) for wiki references , ((page\|#anchor)) or ((page\|#anchor\|desc)) for wiki heading/anchor references , ))SomeName(( prevents referencing
Lists * for bullet lists, # for numbered lists, ;Word:definition for definiton lists
Indentation +, ++ Creates an indentation for each plus (useful in list to continue at the same level)
Tables \|\|row1-col1\|row1-col2\|row1-col3\|\|row2-col1\|row2-col2\|row2-col3\|\|
Title bar -=Title=-
Monospace font -+Code sample+-
Line break %%% (very useful especially in tables)
Multi-page pages Use ...page... to separate pages
Non parsed sections ~np~ data ~/np~ Prevents wiki parsing of the enclosed data.
Preformated sections ~pp~ data ~/pp~ Displays preformated text/code; no Wiki processing is done inside these sections (as with np), and the spacing is fixed (no word wrapping is done). ~pre~ data ~/pre~ also displayes preformatted text with fixed spacing, but wiki processing still occurs on the text.
Comments ~tc~ Tiki Comment ~/tc~ makes a Tiki comment. It will be completely removed from the display, but saved in the file for future reference. ~hc~ HTML Comment ~/hc~ makes an HTML comment. It will be inserted as a comment in the output HTML; these are not normally displayed in browsers, but can be seen using "View Source" or similar.
Block Preformatting Indent text with any number of spaces to turn it into a monospaced block that still follows other Wiki formatting instructions. It will be indended with the same number of spaces that you used. Note that this mode does not preserve exact spacing and line breaks; use ~pp~...~/pp~ for that.
Direction {r2l}, {l2r}, {rm}, {lm}Insert resp. right-to-left and left-to-right text direction DIV (up to end of text) and markers for langages as arabic or hebrew.
Special characters ~hs~ hard space, ~c~ ©, ~amp~ &, ~lt~ <, ~gt~ >, ~ldq~ “, ~rdq~ ”, ~lsq~ ‘, ~rsq~ ’, ~--~ —, ~bs~ \, numeric between ~ for html numeric characters entity

Because the Wiki paragraph formatting feature is on, all groups of non-blank lines are collected into paragraphs. Lines can be of any length, and will be wrapped together with the next line. Paragraphs are separated by blank lines.

Plugins

Note that plugin arguments can be enclosed with double quotes ("); this allows them to contain , or = or >.

Filter:

Description

User-Agent Info Displays various information about the client.
Anchor Link Creates a link to an anchor within a page. Anchors can be created using the ANAME plugin.
Anchor Name Inserts an anchor in the wiki page. Anchors can be linked to using the ALINK plugin.
Image Annotation Displays an image and enables users to define zones to highlight information on the image.
Article Includes an article's content within the page.
Article List Inserts a list of articles in the page.
Back Displays a link that allows to go back in the browser history
Backlinks List all pages linking to the specified page.
Banner Insert a banner
Box Insert theme-styled box on wiki page
Calendar Includes a calendar and/or a list of calendar events.
Category Insert list of items with the current/given category in the wiki page
Category Orphans Display Tiki objects that have not been categorized
Category Path Insert the full category path for each category that this wiki page belongs to
Center Centers the plugin content in the wiki page
Code Displays a snippet of code
Dynamic Content Includes content from the dynamic content system.
Cookie Also known as fortune cookies or taglines
Countdown Displays a countdown from now until the specified date.
Div Insert a division block, span, blockquote or other text formatting on wiki page.
Definition List Creates a definition list
Events Includes the list of events from a calendar in the page.
Fade Displays a label. On click, the block of content will fade in and fade out.
Fancy List Creates a fancy-looking list
Fancy Table Displays the data using the Tikiwiki odd/even table style
Files Displays a list of files from the File Gallery
Flash video Displays a Flash (.swf) file in the wiki page
ftp Download box for a file on ftp server.
Google Analytics Add the tracking code for Google Analytics.
googledoc Displays a Google document
googlemap Displays a Google map
Group Display wiki text if user is in one of listed groups
Group List List of groups including a group
Group Stats Displays some stat about group belonging
HTML Include literal HTML in a Wiki page
Iframe Displays an iframe
Image Display images
Image Display images
Include Include a page's content.
Invite Invite an email in groups.
Jabber Runs a Java applet to access a local Jabber service
JQuery Insert JQuery javascript code. Requires feature_jquery (experimental - may change in future versions)
Javascript Insert a javascript file or/and some javascript code.
Kaltura video Displays a KALTURA video on the wiki page
Last Modification The last_mod plugin replaces itself with last modification time of the named wiki page, or the current page if no name given
List Pages List wiki pages.
List Directory Lists files in a directory
Mail Allow to send mail to groups or user or email directly
Map Displays a map
Mediaplayer Simple mp3 or flv Player
Mini Quiz Displays a miniquiz
Insert Module Displays a module inline in a wiki page. More parameters can be added, not supported by UI.
Monospace Displays the data using a monospace font
Mouseover Create a mouseover feature on some text
MySpace Displays a MySpace Flash mp3 playlist in the wiki page
Object Hits Displays object hit info by object and days
Picture Display uploaded pictures
Plugin Manager Displays a list of plugins available in this wiki.
Poll Displays the output of a poll, fields are indicated with numeric ids.
Profile Installer Adds controls required to install a profile.
Quote Quote text by surrounding the text with a box, like the [QUOTE] BBCode
Random Dynamic Content Includes random content from the dynamic content system.
Redirect Redirect the user to a wiki page or generic URL.
Remarks Box Displays a comment, tip, note or warning box
RSS Feed Inserts an RSS feed output.
SourceForge Automatically creates a link to the appropriate SourceForge object
sharethis Display a social networking tool.
Show Pages List wiki pages
Skype Clickable Skype link
Sort Sorts the plugin content in the wiki page
Split Split a page into rows and columns
Subscript Displays text in subscript.
Subscribe Group Subscribe or unsubscribe to a group
Subscribe Groups Subscribe or unsubscribe to a group
Superscript Displays text in superscript (exponent).
Tabs Provides tabs built using the smarty tabset block.
Tag Displays the text between an html tag
Thumbnail Displays a thumbnail of an image that enlarges upon mouseover or links to a target
Title Search Search wiki page titles.
Tracker Displays an input form for tracker submit
Tracker Comments Displays the number of tracker comments
Tracker Filter Filters the items of a tracker, fields are indicated with numeric ids.
Tracker Item Field Displays the value of a tracker item field or the wiki text if the value of the field is set or has a value(if itemId not specified, use the itemId of the url or the user tracker).
Tracker List Displays the output of a tracker content, fields are indicated with numeric ids.
Tracker Prefill Displays a button to link to a page with a tracker plugin with prefilled tracker fields.
Tracker Stats Displays some stat of a tracker content, fields are indicated with numeric ids.
Tracker Timeline Timeline view of a tracker, can be used to display event schedules or gantt charts.
User Count Displays the number of registered users
User List Displays a list of registered users
Vote Displays some stat of a tracker content, fields are indicated with numeric ids.
Wanted Pages Lists ''wanted'' wiki pages
Youtube Display youtube video in a wiki page