As reported over on AuctionBytes.com, and discussed widely on Twitter this past weekend, in a nutshell last Thursday, Auctiva discovered malware on some of their servers and wiped the infected servers clean by Saturday morning. By Sunday evening, Google had cleared Auctiva as safe to navigate. However, further malware was discovered Monday and Auctiva was taken temporarily offline to prevent further infection.
Auctiva’s VP of engineering, Kevin Kinell, sent out the following email last night:
SUBJECT: Information regarding Auctiva’s Site Warning
On Thursday, February 19 we discovered the presence of malware on the Auctiva servers. This caused Google to flag Auctiva as a dangerous site. Our Systems Engineers identified the malware through our monitoring system and they immediately began working to isolate the infected servers and take them offline. During this process the site was running on fewer servers and you may have experienced some delays.
The infected servers were wiped clean and by Saturday morning, most servers were put back online. As of Sunday night, Google rescanned Auctiva.com and determined we were safe to navigate. However, upon continued monitoring today, additional malware was detected and we decided to temporarily take Auctiva.com offline to eliminate the possibility of further infection. We take the security of our site very seriously. We have identified the source of the problem and we are working 24/7 to resolve the issue. We will bring Auctiva.com back online once we are confident we can provide the level of safety and security for our customers that we have for the past 10 years.
What can you do now?
If you visited http://www.auctiva.com between Thursday evening and Saturday afternoon at about 2 PM PST, as a precautionary measure we recommend taking the following actions to ensure that your computers are not infected:
1. Clear your browser cache, delete ALL temporary internet files, and restart your browser. For instructions specific about your browser: http://community.auctiva.com/eve/forums/a/tpc/f/1081020411/m/11910151?r=31410571#31410571
2. If using a Windows machine, make sure you are updated with all the current Microsoft updates and patches.
3. Make sure you are running reputable antivirus software.
4. Use the Firefox browser if possible, as it has been shown to be less susceptible to this sort of malware than Internet Explorer.
During this time your Auctiva Checkout, scheduled listings, and images, templates and scrolling gallery in listings on eBay will remain available.
As we work through this issue we will post regular updates on our Community Forums http://community.auctiva.com/eve/forums/a/frm/f/1081020411.
Sincerely,
Kevin Kinell
VP, Engineering
I received some emails yesterday afternoon/evening asking how eBay was involved with the situation and was issued the following statement late last night. The statement essentially reiterates the points of information as broken down by Kevin in his email above but I wanted to share nonetheless:
We can confirm that the Auctiva website did have an issue with malicious content being hosted on it.
Auctiva is working to finish repairing the malware issues on their site this evening. Auctiva will keep the user community updated on their progress through the Community Forums at http://community.auctiva.com/eve/forums/a/frm/f/1081020411">http://community.auctiva.com/eve/forums/a/frm/f/1081020411 <http://community.auctiva.com/eve/forums/a/frm/f/1081020411> .
eBay’s online security experts have been working directly with Auctiva throughout the day to help them fix their issue.
We encourage any eBay sellers who feel they may have been affected using Auctiva services to contact Auctiva directly through the Auctiva Customer Support page, http://www.auctiva.com/help/requesthelp.aspx.
I’ll keep folks updated if and when I hear more.
Cheers,
RBH
