Don’t miss the latest developments in business and finance.

Online attack on eBay puts buyers' credentials at risk: Report

Image
ANI London
Last Updated : Sep 18 2014 | 3:35 PM IST

A report has revealed that eBay had been compromised following an online attack that placed malicious Javascript code within its product listing pages. People who clicked on some of its links where automatically directed to a spoof site that looked like the website's welcome page.

The spoof website then asked for the users' eBay usernames and passwords. The technique used to hack the website is known as cross-site scripting (XSS) and is one of the top 10 vulnerabilities that website owners should be concerned about, reported the BBC.

The report said that the U.S.-based firm was alerted about the hack on Wednesday night but the malicious listings were removed more than 12 hours later.

The fake page that the users landed on after clicking some of the links had the potential to carry out further malicious actions.

A spokesperson for eBay downplayed the scope of the attack.

Also Read

First Published: Sep 18 2014 | 3:22 PM IST

Next Story