Interesting vector for browser vulnerability exploit…ebay



incidents.org has received a tip on an ebay item that contained some malicious script…

ISC reader Gareth Attrill pointed us to an eBay auction that has some escaped HTML code that sneaks in a link that tries to get a trojanized .jar (usage.jar) file loaded on anyone who loads the listing. The latest .dat for McAfee immediately detected (and deleted) the code as Exploit-ByteVerify. The lister most likely managed to bypass other protections that otherwise prevents this kind of code from being inserted into item listings. Both eBay and the ISP that is hosting the malware have been notified.


This is an interesting way to use a legit site to sneak something past the casual users. Their warning is to verify any html input that you allow from visitors to your site.

   Send article as PDF   

Similar Posts