According to a Netscammers researcher posting on the Networkedblogs portal, the fraudster is routing eBay users looking at potential intended purchases to pages at www.kodak-slideshows.com.
Unfortunately for the would-be purchasers of the bargain item, this site is a spoof of the real Kodak Gallery site.
So far, the hack seems to be confined to the eBay sales of a Ford truck but the wily hacker appears to be planning ahead for when his fake site is closed down by emailing eBayers with a file called pictures.zip that contains an infected file executable called pictures.exe.
Infosecurity notes that, whilst the F150 truck – item number 170515682914 priced at $9,000 – was still live on the system yesterday early evening UK time, it seems to have been removed, presumably by eBay's security division.
The same hacker modus operandi was apparently also used back in August to sell a 1980 Ferrari.
This, however, appears to be the first time that the good name and security profile of Kodak's Gallery service has been tapped for an eBay side-hack like this.
Symantec's Safeweb service, for example, gives the site a clean bill of health, a rating that Infosecurity notes could entrap the less wary users of eBay.com.