728_header.jpg (23748 bytes)
 Home 
 EB Blog 
 AB Blog 
 Letters 
 Podcasts 
 Forums 
 EPIS 
 Classifieds 
 EKG 
 Ratings 
AuctionBytes Blog
Covering auctions, collectibles and marketplace selling.

AuctionBytes Blog The AuctionBytes Blog has been giving a voice to online merchants since its launch in 2005. Named one of the world's top 30 blogs in 2008 by "Blogging Heroes." Weigh in with your thoughts on the joys and pitfalls of selling online.
Sat Oct 6 2007 21:00:40

Hacker Vladuz Accesses eBay Servers, Suspends Accounts

By: Ina Steiner
Sponsored Link
eBay confirmed that a known fraudster had limited access to a very small number of eBay accounts on the eBay.com site and the company appeared to have reacted quickly to block him on Friday. eBay spokesperson Nichola Sharpe said, "At no point did the fraudster get any access to financial information or other sensitive information." In a strange twist, some users reporting the incident said they had been openly critical of a hacker calling himself Vladuz and had been suspended briefly during the incident.

Vladuz has been targeting eBay for at least 10 months and is believed to have been responsible for last week's posting of approximately 1200 eBay members' names, User IDs and addresses and unmatched credit card numbers to the eBay discussion forums.

The latest drama began unfolding Friday afternoon. One user explained that she received an email that said, "Stop saying sh*t stuff about me, a**hole" signed by vladuz. She tried logging in to the eBay discussion boards and received a message that she was suspended due to seller non-performance issues. (She does not sell on eBay.) She said of Vladuz, "I admit I had been less than complimentary about him on the boards."

Another user said he received an email which quoted something he had written on a board wishing Vladuz would get caught, with the message "Oh ya? f*** you."

Both said the sender wrote from the Google email account, "sgissc19@gmail.com."

Several other eBay users reported a similar incident in which they were unable to log in to the eBay site, though not all of them received an email purporting to be from Vladuz.

One user said his account was back up and running in 30 minutes, another said it was back up in 60 minutes. eBay's Nichola Sharpe said, "We have already secured and restored the affected accounts and are proactively calling the affected users to reassure them that their eBay account is secure."

This is the first time eBay has said that a hacker gained access to user accounts by means other than through phishing techniques. Sharpe said, "The fraudster did this by accessing externally visible servers not by hacking into the eBay site." eBay was not specific about the type of information the servers contained nor who had access to it.

In February, an eBay spokesperson had said of Vladuz, "Our number one priority is to see him caught and locked up." While Sharpe would not confirm Friday's incident was the work of Vladuz, some members seem to have no doubts. 

A user who received a message from Vladuz and lost access to his account on Friday wrote to AuctionBytes, "There are so many members who despise eBay, legit reasons or not, that support Vladuz, I do not support what this hacker is doing. I don't care for his/her "stick it to eBay" attitude or the attitude of "attack" mode against members who do not support his combative, destructive behavior."
 



Comments (52) | Permalink
Readers Comments

Hacker Vladuz Accesses eBay Servers, Suspends Accounts   Hacker Vladuz Accesses eBay Servers, Suspends Accounts
by: shebuysbluesky
       
Sat Oct 6 21:24:37 2007
Thank you so much for reporting this story and for being able to gain confirmation from eBay. I am one of those whose eBay accounts (user Id shebuysbluesky) was affected on Friday Oct 5th. I was not surprised as I had already been convinced that the events of Sept. 25th did indeed show that Valduz or someone did have access to perform functions that reveal flaws in the eBay platform. I did not receive any email from the party responsible. (Not that I really want or need one thanks.) I suspect he was reading the thread at that particular moment and as I was one of those posting he chose to demonstrate some of what he was capable of doing.

I am very impressed that you were able to gain admission from eBay of what transpired. Thanks
Hacker Vladuz Accesses eBay Servers, Suspends Accounts   Hacker Vladuz Accesses eBay Servers, Suspends Accounts
by: sandypurins
       
Sat Oct 6 21:29:19 2007
Does anyone know why Vladuz is unhappy with eBay?
Hacker Vladuz Accesses eBay Servers, Suspends Accounts   Hacker Vladuz Accesses eBay Servers, Suspends Accounts
by: DOC
       
Sat Oct 6 21:39:59 2007
Interesting that eBay admitted Vladuz had access to a small number of accts. And they have blocked him from doing so again..

BUT.. eBay has been saying that since February and obviously has not been able to do block his unauthorised access to confidential member details.

If Ma would have invested the money she threw away on Skype in security we probably would not be reading this now!

I have lots of Vladuz screen captures over on the scams page. www.ebaymotorssucks.com
Hacker Vladuz Accesses eBay Servers, Suspends Accounts   Hacker Vladuz Accesses eBay Servers, Suspends Accounts
by: bugsmom55
       
Sat Oct 6 22:52:46 2007
eBay needs to stop wasting its time ''enhancing'' stuff and start securing its site, starting with getting some REAL user ID verification in place.  The site is full of scammers and hackers and people get ripped off right and left, there is nothing resembling customer service there (except the unpaid volunteers in the Answer Center), and all eBay cares about is making money no matter who gets hurt in the process.  Their whitewash of this incident is just another example -- don't admit anything happened because it might AFFECT THE FEES THEY COLLECT.  Never mind that someone could lose thousands to this hacker.

Vladuz' methods may be inexcusable but his contempt of eBay is understandable.
Hacker Vladuz Accesses eBay Servers, Suspends Accounts   Hacker Vladuz Accesses eBay Servers, Suspends Accounts
by: malmute35
       
Sun Oct 7 01:41:01 2007
I cannot get into e-bay or my ebay account is this the work of Vlqaduz?
Hacker Vladuz Accesses eBay Servers, Suspends Accounts   Hacker Vladuz Accesses eBay Servers, Suspends Accounts
by: dimes
       
Sun Oct 7 05:32:45 2007
What the hell is an "externally visible server" and why is our personal information on it?  

Hacker Vladuz Accesses eBay Servers, Suspends Accounts   Hacker Vladuz Accesses eBay Servers, Suspends Accounts
by: dimes
       
Sun Oct 7 05:33:17 2007
What the  hell  is an "externally visible server" and why is our personal information on it?  

Hacker Vladuz Accesses eBay Servers, Suspends Accounts   Hacker Vladuz Accesses eBay Servers, Suspends Accounts
by: dimes
       
Sun Oct 7 05:33:44 2007
What the [i]hell[/i] is an "externally visible server" and why is our personal information on it?  

Hacker Vladuz Accesses eBay Servers, Suspends Accounts   Hacker Vladuz Accesses eBay Servers, Suspends Accounts
by: dimes
       
Sun Oct 7 05:34:23 2007
What the  hell  is an "externally visible server" and why is our personal information on it?  

Hacker Vladuz Accesses eBay Servers, Suspends Accounts   Hacker Vladuz Accesses eBay Servers, Suspends Accounts
by: dimes
       
Sun Oct 7 05:36:19 2007
What the hell is an ''externally visible server'' and why is our personal information on it?  

Hacker Vladuz Accesses eBay Servers, Suspends Accounts   Hacker Vladuz Accesses eBay Servers, Suspends Accounts
by: dimes
       
Sun Oct 7 05:41:35 2007
You'd think after all those tries I'd have figured out how to italicize 'hell'.  But no.
Hacker Vladuz Accesses eBay Servers, Suspends Accounts   Hacker Vladuz Accesses eBay Servers, Suspends Accounts
by: 0ctavia
       
Sun Oct 7 05:43:22 2007
I do believe eBay are being economical with the truth.

But WOW, finally they actually admit to it being hacking not phishing, now that is headline news.

But, of course, knowing the disinformation there has been in the past from eBay spokespersons, it must have been a major intrusion into the system or they would still be sticking with the line of 'you must have given out your details'.

And isn't it also worrying that so-called "limited access" is all that's required to start NARUing the eBay members you have a grudge against in an obviously targeted attack?
Hacker Vladuz Accesses eBay Servers, Suspends Accounts   Hacker Vladuz Accesses eBay Servers, Suspends Accounts
by: Alex
       
Sun Oct 7 07:18:01 2007
''What the  hell  is an ''externally visible server'' and why is our personal information on it?''

A LEASED external server. It's another one of eBays dirty little secrets. They don't even own all of the servers the site operates on. Can't afford it, I guess...

Space is leased from other entities.

Not the most secure way to operate...
Hacker Vladuz Accesses eBay Servers, Suspends Accounts   Hacker Vladuz Accesses eBay Servers, Suspends Accounts
by: 0ctavia
       
Sun Oct 7 07:30:37 2007
ROFLMAO Hey Alex, maybe Vladuz OWNS the servers ;-)
Hacker Vladuz Accesses eBay Servers, Suspends Accounts   Hacker Vladuz Accesses eBay Servers, Suspends Accounts
by: GiovanniV666
       
Sun Oct 7 11:21:42 2007
ebay lied to the affected members. They told them it was an accident.

Do you trust a liar with your personal and financial data?

How many falsehoods is that now from ebay over this and closely related issues?
Hacker Vladuz Accesses eBay Servers, Suspends Accounts   Hacker Vladuz Accesses eBay Servers, Suspends Accounts
by: Retarce
       
Sun Oct 7 12:45:51 2007
I appreciate your fact based reporting of this story.

I was one affected by this incident, I suffered finacial loss due to the actions of Vladuz.

I received a email from Vladuz.

I have not received a call from eBay, I spent hours obtaining help from other eBay members (Thank you, you know who you are!), under my buying ID, and finally contacted 'Live Help' security before my account was restored.

Simply put, I openly made comments that were not in support of Vladuz's actions and he clearly wanted to send me a message.

This has not changed my mind about his mentality, it has only confirmed what I knew to be the truth...

Vladuz is no Robin Hood.

I and other eBay members wouldn't wish this ordeal on anyone, because no one deserves to be attacked in this manner.

So, if you're attacked by Vladuz in the future, there are many wonderful, intelligent and connected eBay members who will help.
Hacker Vladuz Accesses eBay Servers, Suspends Accounts   Hacker Vladuz Accesses eBay Servers, Suspends Accounts
by: "Jane"
       
Sun Oct 7 13:57:08 2007
I was also affected by this. I received and email from eBay in my messages as well as in my email account associated with that eBay ID. I'm using a different email and "name" here since I don't wish to be a target. I was not selling on this account and don't have any financial information listed under that eBay IDs info. It was a pain however having to change passwords etc. to get access again. I have not as yet checked my other eBay ID though. Keep me in your prayers!

"Jane"
Hacker Vladuz Accesses eBay Servers, Suspends Accounts   Hacker Vladuz Accesses eBay Servers, Suspends Accounts
by: Gail
       
Sun Oct 7 14:15:32 2007
Thank you for getting an admission of sorts from eBay, Ina.  Nichola Sharpe's response still begs the question: How can this hacker suspend eBay user accounts without accessing eBay's servers? Can our accounts be manipulated through these 'visible external servers'?

Aren't eBay's chat boards, discussion forums, blogs, groups, etc. all on external servers?  When we enter eBay's 'community forums', just how much of our account information transfers to these 'visible external servers'?

On September 17th, eBay announced ''A Single Sign In for Community Forums & the Rest of eBay''.  This is the default setting, and has to be opted out in Preferences. I opted out, and I'll no longer post in any of eBay's forums.

I sure hope your forums are not on a 'visible external server', Ina.
Hacker Vladuz Accesses eBay Servers, Suspends Accounts   Hacker Vladuz Accesses eBay Servers, Suspends Accounts
by: flunkee
       
Sun Oct 7 14:45:12 2007
Catching up to all of this folks.

Found myself locked out of my ebay account yesterday, after having not logged in for a couple weeks time. Found it strange that I needed to reset the password to get in - was not an easy one to hack.

Then found that I had received a ''A26 TKO NOTICE: Restored Account'' alert form letter in my ebay inbox.

Looked for activity on all my credit/bank accounts.  Nothing unusual.  I did find a slew of form-letter ''Question'' emails, (that I of course never generated), in my ebay sent items box though.  All dated 9/25 with the message below, (have deleted the name what I assume would be some kind of scam website so as not to disseminate further).

I would have thought of reporting it to ebay, but after hearing what is really going on, not sure that would be of any help whatsoever.

Curious if anyone else with the same/similar experience on 9/25?  My ebay username did not show up in the list of possibly compromised accounts that I've seen posted on the web.


=======================================

Dear friend
Welcome to www.(deleted).com ! We are one of the largest electronics distributors and wholesalers in beijing, China. We offer qualified digital products: motorcycles ,tv,notobooks,phones.psp,projectors,gps,dvd,dv,dc,mp3/4,musical instruments,toys,watches and so on, which are of world famous brands, such as sony, ibm, philips, nokia, dell and so on. All our items are brand new friom the manufactures and they come with 1-3 years' after service. These days we are expanding our overseas market, and every item is sold in extremely low price. Such chances should never be missed, ladies and gentlemen, do come to www.(deleted).com ! you will surely have a big surprise! We are looking forward to hearing from you!
my website : www.(deleted).com
Welcome to talk in MSN: (deleted)@hotmail.com
Hacker Vladuz Accesses eBay Servers, Suspends Accounts   Hacker Vladuz Accesses eBay Servers, Suspends Accounts
by: flunkee
       
Sun Oct 7 15:01:20 2007
Argggghhhh.  I missed one ref to the wesite in the last post.

!!!DO NOT GO TO THE WEBSITE MENTIONED IN MY LAST POST - POSSIBLY A SCAM WEB SITE!!!!

If anyone can get that infomation pulled down please do so!!!
Click to view more comments
1 2 3  [Next Page]


Login is required to post comments.
To sign in to leave a comment using your AB Verify User Name, fill in the form below. If you have not yet signed up for AB Verify, or if you'd like more information, go to the Registration Page
.

Login for AB Verify
Be sure and use your email address and password to log in.

 
Email:
Password:
 
 Forgot Your Password?
 Even though you are signed in with the AuctionBytes Blog, you will have to sign in to the EcommerceBytes blog. But you can sign in with your existing AB Verify info.
  Rate Services
  Auction Calendar
  Collectors' Links
  eBay Promo History
  Bookshelf
  Fraud Resources
  Drop-Off Store Laws
  Payment Holds
  Ecommerce Resources
  Photo Tips
  Marketing Inserts
  Yellow Pages
  Advertising
buyersmarket2aaa2.JPG (7729 bytes)
 AB Blog Recent Posts 
 EB Blog Recent Posts 
 EB Blog Recent Comments 


Subscribe in a reader



Archives



Powered by Perl Web Blog
© 2005/2016 Ranson's Scripts