A security flaw has been detected in online tat Bazaar eBay and this may allow criminals to spread malware through files seemingly hosted by the website. The bug is exploited to trick an eBay user into downloading and opening a malicious file from a trusted eBay website. As per security researchers, users of IE 8 and 9 are particularly vulnerable. Users were offered at file for download by eBay trusted domain and it would not raise any suspicious. After downloading the file, the malware installs on the user’s computer. This would allow the user to gain control over the victim’s computer and launch multiple attacks. eBay has been notified about the bug and necessary actions are being taken to fix the vulnerability.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street