EBay performs local port scan on visitors

Spread the love

Auction site eBay does a local port scan for all visitors to the site. When visiting eBay, the system is scanned for the presence of tools that enable remote access, such as Windows Remote Desktop or TeamViewer. The site scans fourteen ports.

The site does this via a check.js javascript code. When visitors go to ebay.com, it automatically scans whether they have certain ports open on their computer. Several websites, including Bleeping Computer, found that at least fourteen ports were involved.

Program Name eBay Gives Gate
VNC VNC 5900
VNC VNC 5901
VNC VNC 5902
VNC VNC 5903
Remote Desktop Protocol RDP 3389
Aeroadmin ARO 5950
Ammyy Admin AMY 5931
TeamViewer TV0 5939
TeamViewer TV1 6039
TeamViewer TV2 5944
TeamViewer TV2 6040
Anyplace Control APC 5279
AnyDesk ANY 7070

Also for a still unknown program is scanned on port 63333.

It is not known why eBay carries out port scans exactly. The original discoverer, NullSweep, speculates that it is a security measure. Tools like VNC are sometimes misused by botnets or malware to gain access to a PC.

Port scans on their own can’t do much harm, but it’s noticeable when a site does it. EBay is also not the first site to do port scans, but this is usually done by banks, for example, who want to scan users’ systems for viruses.

eBay itself has not yet commented on the discovery. Users on Reddit, among others, note that port scanning can be blocked with add-ons such as NoScript or with ad blockers.

You might also like