Monthly Archives: February 2009

The conclusion of the Auctiva saga

So at 12.44 in the Am, EST…I finally receive an email from Auctiva.

I particularly enjoy the line about courtesy at the end….a courtesy would have been if they sent an email telling me about the issue when it began, before I found out when it became an inconvenience to me

SUBJECT: Information regarding Auctiva’s Site Warning
February 23, 2009
7:30 PM PST

On Thursday, February 19 we discovered the presence of malware on the Auctiva servers. This caused Google to flag Auctiva as a dangerous site. Our Systems Engineers identified the malware through our monitoring system and they immediately began working to isolate the infected servers and take them offline. During this process the site was running on fewer servers and you may have experienced some delays.

The infected servers were wiped clean and by Saturday morning, most servers were put back online. As of Sunday night, Google rescanned and determined we were safe to navigate. However, upon continued monitoring today, additional malware was detected and we decided to temporarily take offline to eliminate the possibility of further infection. We take the security of our site very seriously. We have identified the source of the problem and we are working 24/7 to resolve the issue. We will bring back online once we are confident we can provide the level of safety and security for our customers that we have for the past 10 years.

What can you do now?

If you visited between Thursday evening and Saturday afternoon at about 2 PM PST, as a precautionary measure we recommend taking the following actions to ensure that your computers are not infected:

1. Clear your browser cache, delete ALL temporary internet files, and restart your browser. For instructions specific about your browser:
2. If using a Windows machine, make sure you are updated with all the current Microsoft updates and patches.
3. Make sure you are running reputable antivirus software.
4. Use the Firefox browser if possible, as it has been shown to be less susceptible to this sort of malware than Internet Explorer.

During this time your Auctiva Checkout, scheduled listings, and images, templates and scrolling gallery in listings on eBay will remain available.

As we work through this issue we will post regular updates on our Community Forums

Kevin Kinell
VP, Engineering

This email has been sent to you as a courtesy by Auctiva.

2nd update:

SUBJECT: UPDATE – Information regarding Auctivas Site Warning
February 24, 2009
5:30 PM PST

After notable efforts by our IT and Development teams, as well as assistance from eBay, we were able to bring back online as of 5 am, PST. Our site is safe to navigate, as verified by Google.

We identified the root issue of the malware and we’re moving forward with the necessary protection to prevent this from happening again.

We are on a more segregated network with increased security and are performing on-going virus scans. Additionally, eBay is currently running a vulnerability scan to ensure the integrity of our database. There are still a few minor issues with the live site that we are resolving. These are no longer related to the malware, but rather issues in bringing the site back up on new servers. Our Release Engineering team is working with IT to get things back to complete.

What happened?

The virus malware was injected via a third third-party plug-in. Once in the file directory, the virus malware executed malicious script that gained access to files. Once access was gained, the perpetrators used that access to place low-level malicious script into files that were distributed to some of our users.

What can you do now?

* As a matter of good practice everyone should be regularly scanning their computer with antivirus software. If you already have antivirus software then you should check to be sure you have the latest virus definitions update for the software and run routine scans of your computer.
* If you don’t already have antivirus software eBay recommended that users try Microsoft’s OneCare antivirus scanner for home users.…/install/install.htm.
* If you are using a Windows machine, make sure you are updated with all the current Microsoft updates and patches.

Thanks are due to so many people, our customers, our IT staff and eBay for working with us on this issue. I know we’re all looking forward to moving past this and getting back to business as usual. We will continue to post regular updates on our Community Forums

So very nice late response- once again-how about some real time support and not this to little to late crap

Auctiva reported as Attack site warning TRUE

Auctiva reported as attack site warning TRUE

SInce yesterdays article on the seemingly innocuous Auctiva warning, it has come to my attention that warning details have changed.

The google warning now displays that the site has detected threats.

sunday auctiva warning reported as attack site

sunday auctiva warning reported as attack site

Personally, I am not concerned about actually having my system integrity compromised as a have a new and current AV running at all times and firewall and am behind a router.

I did access the site today to check on the current warning screen.

But how does this effect us as sellers who use Auctiva.

If your bidders selects “supersize image” they will see the attack warning

If your bidder uses the auction scroller they will see attack warning

If your bidder attempts to use the auctiva checkout system, they will receive attack warning, do you have your system set to automatically thank new bidders or winning bidders – they will receive an attack warning.

This will scare many of out less tech savvy bidders, who may even blame us the auction holders as being the culprits.

I would have really appreciated seeing some sort of notification or statement from auctiva about this issue.

I actually think their silence is proof that they do not have the issue under control and are not capable of fixing the problem

Considering there launch of teh Auctiva e commerce stores soon, this is not a good sign of customer service and integrity.

A conspiracy theory, perhaps ebay was concerned about losing some of their market share and decided to use gray channels to fight back?

Another risk that you may have not realized is that your token has your auctiva and ebay accounts linked, theoretically if the auctiva system is compromised mysterious auctions and edits could be made into your ebay account!

This is an example of getting what you pay for, although I was seriously considering getting involved with auctiva ecommerce stores…but now i wonder

have any of you actually felt a backlash from your bidders as a result of this snafu?

Auctiva Attack Site warning: 2

Please read most current updates on auctiva reported as attack site

I see this post is getting some hits, i was really just venting, so my answers for you.

1.Dont be concerned

2. to bypass the warning, just click the link on the bottom right of your warning screen.

3. If you read the report on why, you would see that there is no legitimate reason shown for the warning

4. I found it impossible to list via the site because every new window gave me that warning which just became annoying.

5 Just in case you didnt know, since auctiva and ebay are linked your listings will still show your slider and your warranty info and counters if you list via ebay today…you just wont get your tempaltes and pre filled info, you can get the auctions going and just go back and revise once the site warning goes away.

6. this is an issue with your firefox browsers security settings…you can simply whitelist the site in your options to get around this issue
I have read that the issue also effects googlechrome

7. Auctiva knows about the issue and claims that it relates to there recent server switch

Wow, super annoying…today Im trying to set up some quick 24 hour eBay auctions via – every damn page I go forward I get the reported attack site warning from firefox…every page!

The worst part is when you read through the reasons for the warning, there are none! For every delineated reason a page could be reported, the page clearly states that Auctiva had not been reported for that reason.

Hopefully that goes away soon, as I have my templates stored by Auctiva.. jeez, sometimes technology just isnt cool

Auctiva reported as attack site