Auction site eBay has warned users of a Trojan horse affecting
the Auctiva auction service. The virus affects users managing eBay
auctions through Auctiva and also any eBay user who enlarges images
of auction items that were uploaded via Auctiva.
The problem appears to have been fixed but Auctiva has urged
eBay users to run Firefox instead of Internet Explorer, claiming it
is less susceptible to this sort of malware than Internet
Explorer.
Users expressed their anger about the lack of information from
Auctiva when the Trojan attack hit over the weekend. In the
eBay user forum businesses have stated their concerns about the
lack of information regarding the threat. One said, "I just tried
to upsize a picture on one of my active listings on eBay and got a
big Trojan malware notice."
Another user said, "I just spent the last two hours running my
Norton Virus Scan And Protect. Just rebooted and it is totally
screwed now.I can't even open my e-mail program. Since it appeared
Auctiva was good to go. I went ahead and tried to log onto Auctiva
about two hours ago. I immediately got a box that just said
"Windows Installer". I clicked on Cancel right away, but it took
three minutes to stop."
On Sunday Auctiva said its engineering team was still
investigating the situation. "It appears the reason these virus
alert warnings started showing up on our site is because some of
our machines were injected with malware originating in China. The
malware we believe to be at fault has also hit a number of other
high profile websites over the past six months," it said.
The company has now recommended that users who visited the
Auctiva site between Thursday evening and Saturday afternoon at
about 2pm Pacific Time, to clear their browser cache, delete all
temporary internet files, and restart the browser.
Protecting against the Auctiva win/adpclient Trojan
horse
1. Clear your browser cache, delete all temporary internet
files, and restart your browser.
2. If using a Windows machine, make sure you are updated with
all the current Microsoft updates and patches.
3. Make sure you are running some reputable antivirus software.
AVG is available free and is known to
catch this malware.
4) Use the Firefox browser if possible, as it has been shown to
be less susceptible to this sort of malware than Internet
Explorer.