Should this issue be left unfixed by the eBay team, customers could be in trouble where phishing and data theft is concerned.
“The eBay attack flow provides cybercriminals with a very easy way to target users: sending a link to a very attractive product to execute the attack. The main threat is spreading malware and stealing private information,” according to Check Point.
We urge eBay users to be on the lookout for any form of malicious content. Attackers could send a page with infected content that could gain access to a user’s computer, and from there, data theft and phishing may take place.
Check Point made the discovery to eBay since December 2015. However, up to this day, eBay has yet to come up with a fix to make sure its customers are safe. The company stated that it has no plans at the moment to fix the vulnerability.
We expect this to change in the future, but for now, eBay users should beware because a demonstration of the exploit in action is out there, meaning that hackers have knowledge of it and will likely attempt to take advantage.