I may have more sympathy for Auctiva than most, since I know how extremely difficult it can be to keep a site free of the thousands of different security threats out on the web. And in the case of Auctiva, chances are they didn’t even *know* they had been compromised until they Googled their name one day and saw the Google message. And now they’ve got a regular bruhaha on their hands. Sucks to be them.

From my experience, there are two main attack vectors that get exploited to cause 95% of these types of break-ins. The first is leaving one’s site vulnerable to XSS attacks (http://en.wikipedia.org/wiki/Cross-site_scripting) by having insufficient filtering of potentially malicious Javascript in item listings. If I were to guess, I would imagine that was what bit Auctiva. eBay’s HTML filter is extremely permissive, since they’ve had the resources to tweak it for years to ensure that it allows every possible good HTML element through an no bad ones. Bonanzle’s HTML filter is very strict, which means we often get annoyed sellers telling us that HTML elements imported from eBay don’t work at Bonanzle, but it’s the price we pay to ensure that we are as immune as possible to a potential XSS attack.

The other vector of attack is running one’s server on Windows with ASP, where the systems are much more complex, and thus have historically had a greater number of vulnerabilities. Bonanzle runs on Linux with open source software that is simple and transparent, so very unlikely to be vulnerable to a direct attack on the system.

I hope that Google gets a chance to verify Auctiva’s fix soon — it’s a really rotten position they’ve been put in.

Bonanzle is affected too. I just found your forums. All those Ebay uploads you have been promoting has affected Bonanzle as well.

I get the error with Chrome, but not with IE 7. Enjoy your blog. Thanks!

Dave