Three UK men arrested over eBay-owned Stubhub cyber fraud

Cyber crime

Three UK men have been arrested for allegedly taking part in a cybercrime sting that saw eBay-owned ticket selling site Stubhub defrauded to the tune of around $1 million.

A total of seven men have been arrested in Russia, the US and Spain, for their part in the scam, which resulted in more than 1,600 Stubhub accounts becoming compromised and used to make fraudulent ticket purchases in 2013.

The gang are alleged to have defrauded Stubhub by around $1 million (587,000) through reselling the tickets, before laundering the money they received through UK bank accounts and PayPal.

The gang are thought to have obtained the usernames and passwords of the accounts they accessed by either trawling through data obtained through breaches at other websites or by installing keystroke-logging software on users' machines.

The company has also been quick to stress that the compromised accounts had not been accessed via an eBay server breach.

The arrests, which were made on Tuesday, were the result of an international investigation involving the US Secret Service, the City of London Police, and the Royal Canadian Mounted Police.

"This is an important investigation, targeting cybercriminals who are believed to have defrauded Stubhub out of $1 million," Adrian Leppard, the City of London Police Commissioner, told BBC News.

"[They did this] by hacking its United States' customers' accounts to fraudulently purchase and sell tickets, and then laundered their criminal profits through legitimate UK bank accounts."

This is the second time this year that eBay has found itself at the centre of a cyber security storm, after it suffered a major data breach in May that saw millions of its users forced to change their passwords.

Ross Brewer, vice president and managing director for international markets at security vendor LogRhythm, said the case highlights why end users need to use different passwords for each website they visit.

"Using compromised credentials whether employees' or customers', as in this case is one of the easiest ways for hackers to gain entry to a system and it appears the method is still proving highly lucrative," he said.

"As consumers, we're frequently told to use separate, complex passwords for all accounts, however this advice has clearly not resonated with the general public.

"Multiple tactics were used, from keylogging to malware and given this determination, online businesses really need to be encouraging their users to frequently change their passwords to avoid this kind of exercise being successful in the future," Brewer added.

Caroline Donnelly is the news and analysis editor of IT Pro and its sister site Cloud Pro, and covers general news, as well as the storage, security, public sector, cloud and Microsoft beats. Caroline has been a member of the IT Pro/Cloud Pro team since March 2012, and has previously worked as a reporter at several B2B publications, including UK channel magazine CRN, and as features writer for local weekly newspaper, The Slough and Windsor Observer. She studied Medical Biochemistry at the University of Leicester and completed a Postgraduate Diploma in Magazine Journalism at PMA Training in 2006.