Unpatched eBay vulnerability leaves shoppers at risk of downloading malware

February 4, 2016

Via: BGR

Be extra careful the next time you visit a suspicious-looking eBay store page.

According to Help Net Security, researchers from the Check Point security firm have discovered a vulnerability in the eBay platform that allows criminals to distribute malware by bypassing the site’s code validation process and control the code themselves.

Here’s how it works: an attacker sets up a store page with listings for products. On the page, a pop-up message will appear telling customers that they can receive a limited-time discount if they download the eBay mobile app.

Read More on BGR