Saturday, 3. March 2007
Topic: e-bay - on March 3, 2007 at 12:56:00 PM CET
eBay plugs hole in sign-on page
A week or more after it was brought to its attention, eBay has plugged a hole in its sign-on page that was being exploited by phishers.
The vulnerability was noteworthy because it led users to eBay's official login page first, unlike most phishing attacks, which direct victims to a spoofed URL. Once a user entered a valid user name and password on the eBay site, however, the exploit redirected the person to a third-party site of an attacker's choosing.
... Comment
