Please read this text accompaniment
Here we have an example of the floating javascript exploit which the hackers are using on ebay.
address markuspowell2005@gmail.com is used to hijack the account of ebay seller 123fimi (9)
We look into the item Sharp Aquos LC52D92U 52" LCD HDTV
Item number: 250115382002
Starting time: May-14-07 06:55:13 PDT
Starting bid: US $100.00
Duration: 3-day listing
Note the address also visible in the location area of the listing, at 3:21 into the video,
allenvince0@gmail.com, shows on a google search as a KNOWN hijacker's address. (use the pause feature, as the floating box quickly obscures it.)
Moving on, using FireFox extension "NoScipt", I allow scripts to run from both ebay, and ebay static. Note when I do that, the floating form follows the scrolling.
Ebay allows this dangerous coding to be used in all it's auction listings, and this is only one of the many exploits possible using JS. Others include the redirection scripts, of which there are several variants, where the unsuspecting user is asked to re-sign in to view a listing, or an "about me" page, or any other number of methods. That, IMO, is similar to running a grocery store or a flea market where thieves and pickpockets are waiting in every isle and checkout lane, all while the owner denies they exist, even blaming the victim.
Why doesn't ebaY stop them? Because they cannot? Because of HUBRIS? Because they are making profit at the expense of the consumers? It has been suggested that since ebay profits greatly from the scams, that they, themselves have perpetrated the hijackings, and used Vladuz as a scapegoat.
Another valid question, Why is ebaY not informing and alerting the consumers? Both buyers and sellers are at grave risk! IMO, it is tantamount to allowing passengers to remain on a sinking ship, not lowering lifeboats or distributing life jackets, and denying that they are taking water at a ever increasing rate.
We also take a brief look at some of my recent past consumer awareness efforts. Please view them to get an idea of the entire situation.
Ebay has done everything possible to suppress this information, including threats, harrassment and intimidation. Go read The Auction Guild Articles "ebaY Tries Intimidation" "ebaY Holding Smoking Gun?" and "ebaY Debases Fraud Reports"and
Further, go to US CERT site, read Vulnerability Note VU#808921
That exploit has been uncorrected for at least one whole year, possible as long as OVER 2 years. Rather than fix it, ebay would rather spend IT's time and effort censoring IT's forums, and bullying any website, and suspending any members who dares speak the TRUTH. (or even ask the question.)
Back in mid February, über-hacker Vladuz deeply penetrated ebaY's systems, and was able to post on the community forums in both Germany and the USA, on multiple occasions. Vladuz was supposed to give a TV interview with CNN on The Ides of March, March 15th. That interview was mysteriously canceled.
Ever since back then, ebaY has been in complete SHAMBLES. Go view the Medved auction count charts to see some examples. Recent examples are 04-28-07, & 05-03-07 daily charts. Those Cartesian "curves" tell the story.
Lastly, we visit the so-called "Trust and Safety forum on ebaY USA, to see a thread which basically tells the ebay users that no fraud is to be discussed, and no keywords, item numbers etc, which may help to stop the fraud may be posted.
Plenty of ebaY members have reported being "NARUd" (suspended) for as little as the mere mention of hacking. This is documented at a digg article. entitled "Proof that eBay does censor its discussion board postings" as well as many other reports.
Please visit these sites before you consider using, or continuing to use ebaY
suspendedfromebay.com
firemeg.com
companyexposed.com
nekkidtruth.blogspot
theauctionguild.com
pheebay.com
ebaymotorssucks.com
screw-paypal.com
------------------
You may also visit my channel page and follow links from there to my blogs, or google my youtube username cappnonymous
Note: This audio/visual /digital document was created using the new and improved ZDSoft Screenrecorder 2.6.2, & "Super C v2007, March 14 2007".
I am using firefox 2.003 browser, with adblock plus, noscript, super drag n go, Image Zoom 0.3, and slim search extensions, and my "bumped" SpoofStick 1.06, among others.
OOPs, did I forget to mention these listings are LIVE as I finish editing this text? The Sharp Aquos LC52D92U 52" LCD HDTV
Item number: 250115382002 shows 2d 01h 42m remaining.
So much for Rob Chesnut and his glorious anti-fraud policies, eh?
Edit: 05-15-07 I see ebay is hard act work burying the fraud again, as the marcuspowell2005 address and the item # have both now disappeared from searches.
I have a sneaky hunch we will see more about that.
Views :
10361
Rating :
4.33
Keywords, Tags :
parody Massive Worldwide Data leaks Truth "cover-up" scandal fraud greedbay sleazebay
Video Length :
7 : 29
Comments :
one time i was on ebay and one of the ads had a browser exploit and it made it look like i was still on ebay but really i was on a different site, I could have lost my credit card number right there
if you want prrof, defraud the scammers, and watch how ebay will fight against that. Crooked bastards, so incompetent, they are lossing theri asses.
ya ebay sucks, my neighbor made a new account and i managed it. She never once logged in, becasue she had no pc, so i was the only one to log in. I know all about fake emails and such, and I always go directly to ebay. Well after loggin in fine for about 1 week, all of a sudden, i get bukucharges to my credit card and my pass changed. I contacted ebay about it, you know what they did.
They suspended my account, becasue i was linked to her account, who got all kinds of bad feedback. EbayDead
Like Storm-Worm
Why?
bombkitten, please expand & read the description, read the rest of the comments, maybe follow up a bit.
Yes, ebay is hacked!
Ebay has been under massive attack since at least Feb 2007.
Latest threats include the Bayrob.trojan, & the complex botnet discovered by Aladdin Knowledge Systems, along with the long uncorrected ID stealing xss flaws(s) & flash redirects etc.
And of course the NON stop phishing attempts against users.
Thanks for asking.
Following up a bit.
I have personal knowledge that ebay was not truthful. I witnessed the attack. I documented the attack. I SPOKE to people whose names&data was posted AS the attack was underway. The #s were real.
Ebay started COVERING the incident up looong before the board shut down.
Further -Y all the censorship?
Phrase "credit card" NOT allowed on ebay forums?
ebay is Hacked & PWNED!
Vladuz may listen in on Meg's phone calls.
Read Danny Bradbury article "Hacker taunts eBay with attacks"
There is NO PROOF the #s were fake, only ebay's CLAIM
Further- ebay gave 3-4 FALSE statements regarding the incident.
U really believe anything from ebay now?
Viewers can research & decide themselves.
Google:
"eBay Inc. Caught in Web of Lies About Hacking Attack"
"The Auction Guild Inc - YOUR ebaY Account Exposed?"
"Following Up on the "ebaY Major Hack AttacK! User's Data Posted On Ebay T&S Bd Incident"
"Questions Remain About eBay Members' Info Theft"
do Million$ at stake make LIARS?
7 : 29 
one time i was on ebay and one of the ads had a browser exploit and it made it look like i was still on ebay but really i was on a different site, I could have lost my credit card number right there 
2006©Viduz.com All Rights Reserved. All Video materials brought by YouTube.com