There was a DoS (Denial of Service) attack on the server about a week ago. Funnily enough, not long before that I had noticed a few pics, which were puzzling. A look on the web stats saw referrals to those pics coming in from eBay. So someone had been using it to host their eBay pics.
Not an issue really - if I'd known about it up front. The thing about an uploader, and why you won't find any that don't want your life story and logins/passwords to use, is that they allow you to upload files (durr!). The thing with files is, you can do lots of naughty things with them. Let's say you embed a cool little JavaScript inside your GIF image, then upload it, or even upload a script directly. When that script then gets requested by someone, the server looks for it, sees there's a script there, and so runs the script - simple, it's what web servers do.
eBay is one of the planet's biggest targets for hackers at the mo, and anything that can be done to nick someone's account details is being tried. There are loads of scripts out there already that will scan everything that is for sale on eBay - literally everything - and look for clues like email addresses, external photo hosting etc. The would-be hacker can then investigate these external things to see what can be done. You look at the item that person is flogging, and see the pic, you download a copy of the pic, do your own deviousness with it, then upload it back with the same name, overwriting the original. Next time someone looks at that item for sale, the pic gets requested by eBay, it arrives on the item description as per usual but this time the script comes with it. You now have someone on the inside waiting for the next time you go to 'my-ebay', whereupon they capture your ID/password and off they go.
If a script is there to be run it will be run by whichever server requests the script, including eBay, so I'm guessing the culprit may well have compromised their account security at eBay anyway, and if they are looking in, I would get along there fairly smartish and change your user ID and password, and possibly your credit card details.
Such DoS attacks, once they have levered the door open of their target, like to cover their tracks; this one did so by taking the cibs server out! I had my wrists slapped by the network that the server lives in for not securing the uploader better. I did test their sense of humour though: they worked out it was the uploader on that domain that was responsible, and I'm well known to them and have several machines running in their network, so I told them to put it down to 'friendly fire'.
Irony was never the Americans' strong point.
It'll probably be back to normal in a day or 2. Don't know how many of the images that were there will be lost; trying to restore what I can at the mo, but there's nigh on a gig of images that have been uploaded over the last year and a half, and the old string and tin can communications system out here is struggling.
Will probably be a password job I'm afraid when it gets back though, but happy to give the necessary to whoever wants it.
Difficult to point a finger at anyone specifically, as the log files were all squished as well.
All a jolly wheeze really.
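
An added example, not part of the original post and not the uploader's own code: one way an image uploader can refuse the two things described above, a script dressed up as a picture and a re-upload that overwrites an existing file by reusing its name. The function names, the marker list and the sample payloads are assumptions made for illustration.

```python
import secrets

# Leading bytes of the only file types this uploader accepts.
MAGIC = {b"GIF87a": "gif", b"GIF89a": "gif",
         b"\xff\xd8\xff": "jpg", b"\x89PNG\r\n\x1a\n": "png"}
# Markers that should never appear in a picture. A cheap heuristic only;
# re-encoding the image server-side is the stronger control.
SCRIPT_MARKERS = (b"<script", b"<?php")

def sniff_image_type(data):
    """Return the extension implied by the file's leading bytes, or None."""
    for magic, ext in MAGIC.items():
        if data.startswith(magic):
            return ext
    return None

def find_script_marker(data):
    """Return the first script marker found in the payload, or None."""
    lowered = data.lower()
    for marker in SCRIPT_MARKERS:
        if marker in lowered:
            return marker.decode()
    return None

def accept_upload(client_name, data, existing):
    """Validate an upload and return the server-chosen name to store it under.

    client_name is only used in error messages: the stored name never comes
    from the uploader, so a second upload cannot overwrite an earlier file.
    """
    ext = sniff_image_type(data)
    if ext is None:
        raise ValueError(f"{client_name!r}: not a GIF, JPEG or PNG")
    marker = find_script_marker(data)
    if marker is not None:
        raise ValueError(f"{client_name!r}: contains {marker!r}")
    while True:
        stored = f"{secrets.token_hex(8)}.{ext}"
        if stored not in existing:
            existing.add(stored)
            return stored

# Constructed sample payloads (not taken from the incident).
CLEAN_GIF = b"GIF89a\x01\x00\x01\x00\x00\x00\x00;"
GIF_WITH_SCRIPT = CLEAN_GIF + b"<ScRiPt>/* constructed marker */</script>"
SCRIPT_NAMED_GIF = b"<?php /* constructed */ ?>"

if __name__ == "__main__":
    store = set()
    print(accept_upload("item.gif", CLEAN_GIF, store))
```

The returned name is meant for a directory the web server treats as static files only, with script handlers switched off.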