E-commerce has gained a lot of weight in recent times. Every time we have more platforms at our disposal to be able to make purchases from anywhere through the Internet. One of those options we have is eBay. It is one of the best known and also used services. Today we are echoing a story that reports on how eBay scans the ports of visitor computers for remote access programs.
eBay scans visitor ports
This occurs when visitors enter the ebay.com page. At this time, a script is run that performs a local port scan of the visitor’s computers. Aims to detect remote support and remote access applications.
Many of these ports it scans are related to remote access tools like Windows Remote Desktop, VNC, TeamViewer and the like. Altogether it performs a scan of 14 different ports when a user enters your website.
To carry out this scan use the script check.js. That script tries to connect to the ports. Specifically with the 14 ports that we show in the image below.
As we see, the security researchers who have analyzed all this, have not found the real target of port 63333. The script performs these scans using WebSockets to connect to 127.0.0.1, which is the local computer, on the specified port.
They also indicate that port scanning occurs in Windows, but not when browsing from Linux. This is so since all the tools it analyzes are from Windows.
Target detect fraudulent purchases
As we can see, port scanning only looks for remote access programs . This makes it more likely (at least as the security researchers who have analyzed these scans believe) to be just looking to check if there are potential compromised computers being used to make fraudulent purchases on eBay.
It is not the first time something like this happens. On other occasions, user equipment has been detected that was fraudulently taken over and controlled by TeamViewer and was used to buy through this platform.
Because many eBay users use cookies to automatically log in to the site, attackers were able to remotely control the device and access eBay to make purchases.
Although eBay’s goal is to prevent fraudulent purchases, as we see, it is still something intrusive to users. This is a problem that many may see as loss of privacy.
In short, eBay scans the ports of the visitors’ computers to detect if they are related to remote access tools. The idea is to avoid possible fraudulent purchases that can be made by controlling third-party equipment. It is something that has been seen on other occasions. However, for this they violate the privacy of users and many may not see this favorably.