Thrustline Survives Ebay Security Break

The Rocketry Forum

Help Support The Rocketry Forum:

This site may earn a commission from merchant affiliate links, including eBay, Amazon, and others.

flying_silverad

Well-Known Member
Joined
Jul 23, 2002
Messages
3,168
Reaction score
5
At approximately 5PM EST OCT 25, 2004, the Thrustline Ebay Store and account were hacked into by a third party. Said party attempted to sell 4 car navigation systems whose point of origin is somewhere in Europe (Italy). At 6PM EST, when I logged on, I had an e-mail from a customer who asked a question about one of the false auctions.
Because I was able to extract the email address listed within one of the auctions of the person that did this before it was closed, I will be passing this address on to a friend in the FBI that owes me a favor.

My first action was to change my password in both my Ebay and my PayPal account which I did. It was apparant that someone else beat me to it as I was not able to change my EBAY password. I was able to change my PayPal account quickly and all funds were secure.

At 630PM EST, Ebay must have seen the problem and shut everything down including the EBay store. All auctions were cancelled, and e-mails were sent to all say that all auctions were Null and Void.

At 9PM EST, I was finally able to log on to a live chat area under the "security" section of Ebay. This is a live chat area support system that works...but slowly. After several attempts to hook up, I was finally able to converse with a security tech who was able to "fix" everything and re-enstate my account. All feedback and username was retained and information updated.
I did lose all current auctions and ebay info so that had to be re-loaded.

1159PM EST- Account was re-opened

As of now (Oct 26th), I have sent e-mails to every customer that I could retrieve back to Sept 4th telling them what happened.

THE SECURITY BREAK WILL NOT AFFECT ANYONE WHO USED THE STORE OR BID ON ANY AUCTIONS, PAST OR PRESENT.

If you have any questions regarding this situation or are concerned about any and all transactions regarding Thrustline, please feel free to either post your questions here, or email me.

Thanks again,
John

((MODS>Please feel free to merge and/or move as needed)):)
 
First of all...... I glad to see you are ok.... I am sure your blood pressure went through the roof last night....


Any update on what EBay's response is?..... What are they doing (if anything) to prevent this from happening in the future?
 
On the same topic, I got an email today from

" [email protected] "

concerning an auction which cleared 2 days ago, PayPal payment processed, etc...

which read:

Dear XXxxxxx XXXX ([email protected]),

Please be aware that auction:

(then listed transaction number and item)


in which you were a bidding participant, has been ended early by eBay for violating one or more of our listing guidelines.

Because the auction was ended early, you as a bidder are not required to complete the transaction.

====

So I immediately contacted the seller - they replied it was BS, the transaction was completed, item is on the way. Forwarded the email to [email protected].

We'll see what happens, but it still smells like something funny is going on.

OK, I am off to start changing all my passwords...:mad: :mad: :mad:
 
Originally posted by Rocketmaniac
First of all...... I glad to see you are ok.... I am sure your blood pressure went through the roof last night....


Any update on what EBay's response is?..... What are they doing (if anything) to prevent this from happening in the future?


1st, yea the old BP was through the roof. Couldn't fall asleep until about 3AM. Woke up and started re-building the store.

2nd, I asked how it happened and as far as they are concerned, they won't say a word. I may never know exactly what or how it happened. I have gone through all of my virus and spyware, as well my firewall. Changed ALL of my passwords. WE'll just have to wait and see.
 
Originally posted by flying_silverad
[B2nd, I asked how it happened and as far as they are concerned, they won't say a word. I may never know exactly what or how it happened. I have gone through all of my virus and spyware, as well my firewall. Changed ALL of my passwords. WE'll just have to wait and see. [/B]
When you asked them, what was their response? Did they just not type anything in the chat window?
 
Originally posted by Ltvscout
When you asked them, what was their response? Did they just not type anything in the chat window?

During the end of the session, he asked if I had any questions. So I asked why this had happened. He then asked, Do you have any questions as sit pertains to your account. I asked again and he just said that he could only answer questions regarding my account and then....the session ended.
 
Don't read anything into their not responding how it happened. Security teams will never tell anyone details like this as there would be the possibility you would post the transcript, and someone would get the idea on how to attack. Where there is one hole there is usually more and the less attention the better.
 
No, you've got it all wrong. Ebay sucks. Paypal swallows.
This whole mess has proven to me that I was right in ditching Paypal when they wanted access to my bank account. I didn't just get run over by the turnip truck yesterday.
 
Back
Top