Comment There was no hack (Score 5, Informative) 37
The article is completely overblowing this, borderling lying. Ebay was not hacked. The BBC should be ashamed and take the article down:
EBay has been compromised so that people who clicked on some of its links were automatically diverted to a site designed to steal their credentials.
But the image caption says the truth:
A listing for an iPhone 5S contained code that resulted in users being sent to a scam site
Those are *completely* different issues. A link is not a hack! The article goes on to make up more garbage:
He [the security researcher] said that the technique used was known as a cross-site scripting (XSS) attack. It involved the attackers placing malicious Javascript code within product listing pages.
Posting a link is not an XSS attack. And a link is not the same as Javascript.
The article says "a security researcher" but they never say the persons name or credentials. I bet there was no researcher. It sounds more like a friend of one of the reporters saw this scam link, Googled some search terms and came-up with "XSS" then suddenly became a security researcher.