Experts Condemn eBay After XSS Attack Puts Users At Risk
Tom Jowitt reports:
The attack on eBay was a cross-site scripting (XSS) attack, in which users were redirected to a spoof website designed to steal their credentials. It is not known at this stage, how many users have been affected, said the BBC.
“It would be nice to think that eBay, one of the world’s most popular websites, had its act together when it came to securing its content,” wrote security veteran Graham Cluley. “After all, if a hacker were able to boobytrap auction pages on the site to redirect users to a phishing page that asked them to enter their eBay username and password, that would be a pretty bad thing. Right?”
Read more on TechWeek Europe.