From the Register UK:
Miscreants have unleashed a new strain of a sophisticated Trojan that targets eBay users by feeding them spoofed web pages containing fraudulent information about high-ticket purchases, The Register has learned. It has already contributed to an $8,600 loss by one eBay member.
The Trojan installs a scaled-down webserver on an infected machine that masquerades as eBay and several third-party destinations frequently used to sniff out fraudulent offerings, including Carfax.com, Autocheck.com and Escrow.com.
When a victim browses to one of these sites, the webserver creates a parallel universe of sorts, in which the victim sees counterfeit pages designed to counter fraud protection mechanisms offered by eBay and third-party sites.
“To think that somehow they got software on their system that managed to spoof all the validation sites – that’s a shit-scary story,” said Roger Thompson, a researcher at Exploit Prevention Labs who specializes in web-based attacks. “It’s fiendishly clever.”
Read on.
[tags]Trojan, eBay Trojan, Virus[/tags]