Auction site eBay has warned users of a Trojan horse affecting the Auctiva auction service. The virus affects users managing eBay auctions through Auctiva and also any eBay user who enlarges images of auction items that were uploaded via Auctiva.
The problem appears to have been fixed but Auctiva has urged eBay users to run Firefox instead of Internet Explorer, claiming it is less susceptible to this sort of malware than Internet Explorer.
Users expressed their anger about the lack of information from Auctiva when the Trojan attack hit over the weekend. In the eBay user forum businesses have stated their concerns about the lack of information regarding the threat. One said, "I just tried to upsize a picture on one of my active listings on eBay and got a big Trojan malware notice."
Another user said, "I just spent the last two hours running my Norton Virus Scan And Protect. Just rebooted and it is totally screwed now.I can't even open my e-mail program. Since it appeared Auctiva was good to go. I went ahead and tried to log onto Auctiva about two hours ago. I immediately got a box that just said "Windows Installer". I clicked on Cancel right away, but it took three minutes to stop."
On Sunday Auctiva said its engineering team was still investigating the situation. "It appears the reason these virus alert warnings started showing up on our site is because some of our machines were injected with malware originating in China. The malware we believe to be at fault has also hit a number of other high profile websites over the past six months," it said.
The company has now recommended that users who visited the Auctiva site between Thursday evening and Saturday afternoon at about 2pm Pacific Time, to clear their browser cache, delete all temporary internet files, and restart the browser.
Protecting against the Auctiva win/adpclient Trojan horse
1. Clear your browser cache, delete all temporary internet files, and restart your browser.
2. If using a Windows machine, make sure you are updated with all the current Microsoft updates and patches.
3. Make sure you are running some reputable antivirus software. AVG is available free and is known to catch this malware.
4) Use the Firefox browser if possible, as it has been shown to be less susceptible to this sort of malware than Internet Explorer.