• Gresham Law/TheyThem@lemmygrad.ml
    link
    fedilink
    English
    arrow-up
    3
    ·
    edit-2
    1 year ago

    “Action” How am I supposed to interpret that?


    Public reasons behind this behaviour according to some oligarchs:

    • Fingerprinting to uniquely identify your machine for future reference.
    • Attempting to determine whether your machine is part of a botnet since botnets often use VNC services over various standard ports to control their bots.

    A German computer magazine (Heise) wrote about this observation and asked eBay for a statement.

    eBay’s answer was:

    There is some widely spread software that is either Malware or legit software which can be misused to steal the eBay password. This software is listening on certain TCP ports.
    By trying to establish a connection to these TCP ports, the JavaScript of the eBay website tries to find out if such software is currently running.

    Now the question is, is it justifiable?
    Partially fingerprinting sure but to this extent No, it’s data hoarding most likely to be sold to the highest better after all those come with vulnerable servers & infected users or some personal endeavours (Which kind? Not an answer that I’m longing for it really).
    Nevertheless, you will have a lot of malicious actors that will gladly take advantage of this opportunity.

    Sources:
    https://security.stackexchange.com/questions/232345/ebay-web-site-tries-to-connect-to-wss-localhostxxxxx-is-this-legit-or-they/232347#232347