Feeds

eBay goes hacker hunting in Romania

Fraud rising at internet speed

Providing a secure and efficient Helpdesk

Vladuz by any other name

In the past, eBay representatives have also said the hijacking of trusted accounts are the result of users falling for plain-vanilla phishing scams, and not the result of Vladuz or security vulnerabilities in eBay's system.

Indeed, we were unable to find evidence to suggest Vladuz is responsible for such take-overs or the increased volatility in listings. What is known is that a person by that name has taken a keen interest in eBay and has defrauded at least one eBay user.

Vladuz claims to be the author of a Firefox extension that he says automatically enters captcha image verification codes when making certain eBay transactions. The browser add-on appears to be harmless, according to Joe Stewart, a senior researcher and cyber gumshoe at SecureWorks, who tracks the comings and goings of online crooks. But it did require users to submit an email address and username to the Romanian site tokens.b0x.ro. (Stewart was responsible for some of the research for this article.)

That domain has been disabled, but the IP address of the server that hosted it later pointed to the domain name, denisforall.com, which was registered to, and unknowingly paid for by, Washington-state resident Eliza Alby using her debit card. Alby says she found two other unauthorized charges, one for the domain lorealparis333.com and the other for an audio plugin download from SRS Labs.

"I should look at my other transactions," Alby said after learning of the fraud.

Denisforall.com once advertised the Firefox plugin as well and included the business name SGI, according to this Google cache. On a separate page, miketysonthebest.com, another site connected to Vladuz, SGI is said to stand for Solutions for Generating Income, according to this cache image.

Vladuz has left other random tracks online. On banitarfearme.com and colourfish.com, for instance, the hacker published what appear to be password extractors that test whether phished account credentials are valid. In early November, a user named Vladuz even posted a comment in an eBay developer forum decrying a change designed to crack down on fraud.

Vladuz may have no compunction about trespassing on and stealing the property of others, but he's very protective of his own. On many of the sites where he publishes, he even goes through the trouble of copyrighting his code. ®

New hybrid storage solutions

More from The Register

next story
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
TorrentLocker unpicked: Crypto coding shocker defeats extortionists
Lousy XOR opens door into which victims can shove a foot
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.