Large Collection Of Stolen EBay Logins

| | Comments (0)
While investigating an unrelated case of Phishing yesterday, we came across the biggest haul of stolen EBay logins we've ever seen.

How big?

Well, here's a screenshot of the "Word Count" from the document the details are stored in:


Each line is taken up by a single EBay Username, Password and EMail account.

Unfortunately, there are 5,534 of them and they're spread across 121 pages. Here's a random screenshot of page 113, each page containing roughly 46 usernames apiece:

Click to Enlarge

Quite a lot of the accounts don't exist or are no longer registered users, but there's enough live accounts in there for this to be something of a worry (there also don't appear to be any duplicates, which is unusual for a collection this big). At first glance, it's hard to say exactly where the data has come from or how new / old some of it is (it's apparently been passed around various file download sites over the past week or two), though a massive "roll-up" of stolen accounts from various Phishers seems most likely.

Most of the live accounts we saw look like this:


These would be newly registered users, or users with low feedback scores because they don't tend to use EBay that much. These are prime targets for Phishers, because they're more likely to be fooled by fake logins.

Another worry is that many new / inexperienced users on EBay use the same login details for Paypal, so there's the possibility of being able to access two sets of accounts from the same data. I should mention, it's not just new EBayers that can be caught out by these kinds of scams - there were quite a few high scoring EBayers in the stolen logins too.

A source tells me that hackers attempting to use these logins claim some have been "locked out" (presumably logging in on an account from an unfamiliar IP address is triggering EBay Security checks) though my source also tells me there are people bragging about there being "A lot of goodies" still in the list.

We've notified EBay, and had the data removed from the web where possible (a hat tip to Google for assisting in the removal of some cached data from their search engine). Hopefully EBay will act quickly on the information they've been provided and assist those unfortunate enough to have been Phished.

Leave a comment

About this Entry

This page contains a single entry by Christopher Boyd published on October 13, 2008 5:35 PM.

More Google Adwords Phish Pages was the previous entry in this blog.

Large Twitter Spamrun Incoming! is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.