Clean Bill of Health for Auctiva

Back to business as usual after malware attack.

by staff writer
- Feb 25, 2009 is back to normal operation after malware affected the site for a few days, leading the company to pull it completely offline for a day to resolve the problem.

Google—which had flagged the site as a potential security risk—has since rescanned the site and given it a clean bill of health, as reported by major media outlets.

"Our site is once again safe to navigate, as verified by Google and McAfee," says Kevin Kinell, vice president of engineering at Auctiva Corp., in an e-mail to users announcing was back online.

While the site was down, users' active eBay listings, images, templates and scrolling galleries remained available and buyers were able to complete transactions using Auctiva Checkout.

Throughout the course of this issue, Auctiva proactively used its traditional means of communication to reach out to customers, including its help desk, site updates, user forum and e-mail, points out Spencer Smith, director of marketing. Additionally, an FAQ was posted that summarizes the scope of the problem and its impact to users.

Auctiva continues to post news and updates on its user forum, Smith adds.

Auctiva believes a hacker infected its site with a malicious script known as Trojan.Adclicker—characterized as more of a nuisance than a threat. Adclicker is one of a generic class of viruses designed to "simulate clicks on banner advertisements, or to inflate Web counter statistics" for monetary gain, according to security specialist Symantec, which classifies the security risk as "low."

Similar attacks have been reported on other high-profile sites such as CBS and Monster. However, unlike those cases, the virus on did not compromise users' personal data.

Responsive action

We were committed to bring live only when we were confident that we could provide the same level of safety and security we have provided to our customers over the last 10 years

Auctiva first discovered malware on some of its servers on Feb. 19, and took measures to take the affected servers offline. This initial effort did not resolve the problem and additional servers were also reported as infected the next day, at which point Google temporarily flagged the site as "potentially dangerous." Over the course of the weekend, Auctiva IT staff worked to clean the remaining servers, and on Sunday evening Google rescanned the site and deemed it safe.

On Feb. 23, Auctiva took its main site completely offline as a precautionary measure. While servers had been cleared, the vulnerability that allowed the attack to occur had not been fixed. By early morning on the 24th, was restored to normal operation.

"We were committed to bring live only when we were confident that we could provide the same level of safety and security we have provided to our customers over the last 10 years," Kinell says.

"During our investigation of the problem, we also consulted with eBay," he adds. "eBay provided resources to help analyze our site and ensure we had accurate information to answer our users' questions."

Moving forward

The company has invested heavily in technology to prevent site intrusion. Auctiva has also significantly augmented its internal security audit capabilities, which are being used to continually monitor and improve the security of all its sites.

"Some of our top engineers have been assigned to identify and eliminate any security vulnerabilities across our network," Smith says. "We're reinvigorated by our commitment to making all our sites as secure and reliable as possible."

Avoiding infection

In order to spread the malware, eBay buyers would have had to click to supersize an image that redirected them to Auctiva's site. Many users report they avoided infection because their computer's antivirus software warned them not to enter

As a matter of sound Web practice, eBay recommends all users regularly scan their computers with antivirus software and keep it updated.

Auctiva further suggests using the Firefox browser, which has been shown to be less susceptible to certain types of Internet security threats.

About the Author

Auctiva staff writers constantly monitor trends and best practices of those selling on eBay and elsewhere online. They attend relevant training seminars and trade shows and regularly discuss the market with PowerSellers and other market experts.

Other Entries by this Author

Follow Us