AuctionBytes Blog
Covering auctions, collectibles and marketplace selling.

AuctionBytes Blog The AuctionBytes Blog has been giving a voice to online merchants since its launch in 2005. Named one of the world's top 30 blogs in 2008 by "Blogging Heroes." Weigh in with your thoughts on the joys and pitfalls of selling online.
Mon Feb 23 2009 23:10:48

Update on Auctiva Malware Incident

By: Ina Steiner

Sponsored Link

Auctiva is offline following an incident in which trojan malware was found on its servers. You can read the original AuctionBytes report in the previous blog post, and a new update from the company in which it reveals that additional malware was detected today. The site may be fully back online sometime after midnight.

Auctiva's Press Release Issued February 23, 2009:

On Thursday, February 19 we discovered the presence of malware on the Auctiva servers. This caused Google to flag Auctiva as a dangerous site. Our Systems Engineers identified the malware through our monitoring system and they immediately began working to isolate the infected servers and take them offline. During this process the site was running on fewer servers and you may have experienced some delays.

The infected servers were wiped clean and by Saturday morning, most servers were put back online. As of Sunday night, Google rescanned Auctiva.com and determined we were safe to navigate. However, upon continued monitoring today, additional malware was detected and we decided to temporarily take Auctiva.com offline to eliminate the possibility of further infection. We will bring Auctiva.com back online once we are confident we can provide the level of safety and security for our customers that we have for the past 10 years.

What can you do now?

If you visited www.auctiva.com between Thursday evening and Saturday afternoon at about 2 PM PST, as a precautionary measure we recommend taking the following actions to ensure that your computers are not infected:

1. Clear your browser cache, delete ALL temporary internet files, and restart your browser. For instructions specific about your browser: http://community.auctiva.com/eve/forums/a/tpc/f/1081020411/m/11910151?r=31410571#31410571
2. If using a Windows machine, make sure you are updated with all the current Microsoft updates and patches.
3. Make sure you are running reputable antivirus software.
4. Use the Firefox browser if possible, as it has been shown to be less susceptible to this sort of malware than Internet Explorer.

During this time your Auctiva Checkout, scheduled listings, and images, templates and scrolling gallery in listings on eBay will remain available.

As we work through this issue we will post regular updates on our community forum: http://community.auctiva.com/eve/forums/a/frm/f/1081020411.

Update 2/24/09: Dancho Danchev, an independent security consultant and cyber threats analyst, wrote about the malware incident on the ZDnet blog. He points to a thread where someone reported infection on the 18th, we have a reader who reported it on the evening of the 17th.

This is a wakeup call to all companies and individuals. Back up your computer, have up-to-date anti-virus software, and heed all warnings. Danchev points to two other recent malware attacks and writes, "this may well be the kick-off month for 2009's malicious activity." And PC World reports that hackers are targeting Facebook users with a hoax application that attempts to steal personal information for ID fraud.




Comments (27) | Permalink

Readers Comments

Update on Auctiva Malware Incident   Update on Auctiva Malware Incident

by: Lisa

Mon Feb 23 23:35:25 2009

And yet those of us reporting a new trojan today were pooh-poohed and told it was our computers, not Auctiva.

This whole situation REALLY has not been handled well at all.

Update on Auctiva Malware Incident   Update on Auctiva Malware Incident

by: Tired

Tue Feb 24 06:13:29 2009

To bad this hasn't happened in one form or another to eBay directly.  In either case someone is really pissed off at Auctiva.

Update on Auctiva Malware Incident   Update on Auctiva Malware Incident

by: ebay is scum

Tue Feb 24 06:58:25 2009

There is also a virus at ebay. It's called the ANTI-SELLER virus. It charges hugh fees, changes it's rules daily and genrally ruins your life.

Update on Auctiva Malware Incident   Update on Auctiva Malware Incident

by: Mispah

Tue Feb 24 07:06:23 2009

Will we (auctiva-users) get our money back for failed listings this week I wonder? I always have at least three viewers on each of my items, and at least one buyer. This week, none. I go to my listing, and when trying to view the larger picture, is directed to a blank page. Any potential buyer would be turned off by that.
All Auctiva-users who listed items this week should have their fees returned.

Update on Auctiva Malware Incident   Update on Auctiva Malware Incident

by: Mispah

Tue Feb 24 07:11:01 2009

Don't be silly, "ebay is scum".  Many people depend on ebay, even more these days. All auction houses and places charge you for putting items up, or else they wouldn't survive.
Ebay is a life-saver for many people.

Update on Auctiva Malware Incident   Update on Auctiva Malware Incident

This user has validated their user name. by: Ed Gadfly

Tue Feb 24 07:36:55 2009

So what's the solution? From the auctionbytes.com article, ''eBay to Introduce Malware Scanning Service Called Garage'':

''The site, eBay Garage, will run an embedded application to scan users' computers for any viruses or spyware using up-to-date malware signatures.''

So let me get THIS straight... eBay is going to embed an application and scan my computer? HA HA HA HA... oh jeez...

Are the people who created the crack eBay Shipping Calculator behind this or is it the team that developed ''Best Match?''

''Cullinane told Silicon.com that eBay Garage would direct users with malware to a security vendor that provides products to clean up the machine, services that users would no doubt have to pay for in order to use. ''

Ok... Insertion fee, Final Value Fee, mandatory PayPal fee, Store Fee and now a malware fee.

The pages seem to load longer now on eBay, I wonder how fast they will be with a ''malware scan'' going on.

It's not bad enough that people spend huge amounts of time and money on eBay, but now they risk their computers on the site as well.

Good luck when the malware from your eBay visit ruins your computer. No more plane tickets, email, kid's homework... you won't even be able to check your sales on Amazon.

When does it become unprofitable to sell on eBay, when the total fees take 30%, 40%, 50% ???

At least we have our Seller's Advocate!! I don't see a Seller's Advocate at Amazon or Bonanzle.

Update on Auctiva Malware Incident   Update on Auctiva Malware Incident

by: Baconsdozen

Tue Feb 24 08:39:08 2009

Let ebay lose on my computer?.
I'd rather stick pins in my eyes,you can't trust them to run a bath let alone anything else.

Update on Auctiva Malware Incident   Update on Auctiva Malware Incident

by: Clay

Tue Feb 24 08:47:07 2009

Last week there was an article on hackers compromising SSL encryption. This week Auctiva is hacked.....eBay's new malware scanning service....?????....I wonder, new revenue maker for eBay ????? I was told years ago by a computer geek who was fixing my security program....The people who make it are the people who break it.....?????....I Wonder ?????

Update on Auctiva Malware Incident   Update on Auctiva Malware Incident

by: o.c.d.collectibles

Tue Feb 24 08:58:00 2009

I wouldn't be surprised if this came from ebay itself. They don't want sellers using free 3rd party affiliates. They want sellers to PAY for THEIR cherry picked affiliates. I never used auctiva, I used to use seller sourcebook, and paid for the service. I still pay for it, hoping to use it for other places to sell. Most of the other places I'm registered on host the photos  themselves, and have no specialty templates to use.

Update on Auctiva Malware Incident   Update on Auctiva Malware Incident

by: Tony

Tue Feb 24 09:24:20 2009

Dear Mispah, Ebay does indeed suck. As someone who has several online sales sites..Ebay is the worst...for price..confustion and generally uselessness. Fee increases, forcing sellers to use Paypal, I could go on and on..a lifesaver? I've been basically dead for the last three months...you have no idea what your talking about.

Update on Auctiva Malware Incident   Update on Auctiva Malware Incident

by: MsFish213

Tue Feb 24 10:00:48 2009

Auctiva is free and not owned by Ebay.  How can you get your money back if you didn't pay anything in the first place?  Its just one of the problems you encounter when you are in Ecommerce ...part of doing business.

Update on Auctiva Malware Incident   Update on Auctiva Malware Incident

by: ebay = penny stock

Tue Feb 24 10:45:15 2009

Instead of Ebay acting like a responsible community member its acts like a little kid who is getting the smallest share.

EBAYERs get ready to pay more money for them to stop something that shouldn't effect them at all.

If they had programers that knew what they were doing, no one would be having these stupid problems.

The Ho has to go. He's an idiot with no idea how to run a company.

Update on Auctiva Malware Incident   Update on Auctiva Malware Incident

by: 112939

Tue Feb 24 11:05:19 2009

Tired
"To bad this hasn't happened in one form or another to eBay directly."

I thought it did.

People access Auctiva through Auctiva.com and eBay through clicking on images to supersize them. Who knows how many buyers were infected. The eBay buyers were never notified, at least if they used Firefox they got warned.

Update on Auctiva Malware Incident   Update on Auctiva Malware Incident

by: alan

Tue Feb 24 11:28:58 2009

i'm running linux on a eee pc and i was warned by NoScript, an add-on to Firefox, that there was a clickjacking attempt occurring last week.  NoScript spotted it, stopped it, and my system is clean.  it's time to switch your operating system to one that is safe!

Update on Auctiva Malware Incident   Update on Auctiva Malware Incident

by: o.c.d.collectibles

Tue Feb 24 14:20:50 2009

I'm certain ebay did this to auctiva. Like I said, ebay wants to make money from anyone playing on their site. Since auctiva is not owned by ebay, the management doesn't want them there. Ebay is not a trustworthy company. Who doesn't get that?

Update on Auctiva Malware Incident   Update on Auctiva Malware Incident

by: Pat

Tue Feb 24 14:39:46 2009

''it's time to switch your operating system to one that is safe!''

Oh yea, right. Blahh, Blahh, Blahh. There's that tired old mantra again.

So you think that if Linux all of a sudden had 90% of the OS market, you'd still be SAFE? Get real Bozo, your OS has exploits too, it just isn't worth the effort for the bad guys to find and target them. No ROI so to speak. Why target 1% of the OS's when you can get the best bang on the buck going after the one with 90%. And don't give me that old ''Windoz sucks'' argument either. Every OS has bugs.

Now go back under your bridge, Troll.

Update on Auctiva Malware Incident   Update on Auctiva Malware Incident

This user has validated their user name. by: Ming the Merciless

Tue Feb 24 14:58:32 2009

With ebay's well documented history of deceptions, prevarications, and multiple thefts of intellectual property, why wouldn't sabotage and/or destruction also be a strategy against a competitor?

Auctiva is no longer just an "Ebay vendor." They're a competitor, and ebay is just as terrified of viable competitors as they are of free speech and truth.

NEG MEG (Whitman) in 2010.
Death to ebay corp. in 2009.

Update on Auctiva Malware Incident   Update on Auctiva Malware Incident

by: jsattic

Tue Feb 24 20:32:58 2009

All i have to say is that I will stick with Auctiva and wait for them to iron out this problem. I admire the fact that they shut down completely to work on this issue.

Furthermore, (because I read the agreement)I understood when I started using them that they were not to be held responsible for failed listings nor any lost eBay fees.

Anyone who bitches about it only has themselves to blame for not reading and understanding the user agreement.

Update on Auctiva Malware Incident   Update on Auctiva Malware Incident

This user has validated their user name. by: Bob

Wed Feb 25 00:42:58 2009

Only babies or rank newbees use Auctiva anyway.

Update on Auctiva Malware Incident   Update on Auctiva Malware Incident

by: ma

Wed Feb 25 02:37:21 2009

I know auctiva is free and I have appreciated use of their services for several years. I expect things to happen... I dont expect to be lied to.
Yes Lied. We were told there were some problems but not what problems. then told oh a bit slow but working ok. Then my computer was corrupted. AND sorry ebay I Had ONECARE. so NO that will not fix the problem. I took onecare out, took out IE, MSN and several other things, scanned, cleaned, scanned. then redownloaded IE and MSN and updated everything. Now my computer works but I wont be using ONE CARE... Where are their heads? my word. Oh yeah that was 5 hours well spent. lol
As far as the lie goes. I expect problems online... I also expect vendors whether free or paid to tell me the truth when it happens, not 3 days later or 4 days or 5 days. Well I dont expect that from ebay because I know they will deny any technical problem, even when they know it exists.
So I have false expections in deed.
and Bob, you left off old people.
lol ... thanks Ina for the truth. ma

Click to view more comments
1 2  [Next Page]


Login is required to post comments.
To sign in to leave a comment using your AB Verify User Name, fill in the form below. If you have not yet signed up for AB Verify, or if you'd like more information, go to the Registration Page
.

Login for AB Verify
Be sure and use your email address and password to log in.

 
Email:
Password:
 
 Forgot Your Password?
 Even though you are signed in with the AuctionBytes Blog, you will have to sign in to the EcommerceBytes blog. But you can sign in with your existing AB Verify info.