The domain hijack attack happened at the end of August when visitors to the eBay.de site were redirected to a different domain name server (DNS), meaning that they could not access auctions.
According to Frank Federau, a spokesman for the Lower Saxony police, the 19-year-old is not a computer expert. The boy claims to have merely stumbled across Web sites that described how to do a DNS transfer.
He claimed that "just for fun" he requested a DNS transfer for several sites including Google.de, Web.de, Amazon.de and eBay.de. Most of these transfers were denied, but the transfer for eBay went ahead. It is unclear how the domain could have been transferred without the consent of the owner.
The teenager said he did not want to cause damage. Indeed, according to Federau, he was shocked when he was told that he had become the new owner of the eBay.de Web address. The domain has now been returned to its rightful owner.
eBay said that user data was not endangered by the domain hijacking.
Maike Fuest, a spokeswoman for eBay, said on Tuesday that the company is not taking any action until it has investigated the incident.
"We want to carefully check all the facts, before we do anything," said Fuest.
The teenager is likely to face charges of spying on data and computer sabotage, Federau said.
In May this year, anotherwas arrested on suspicion of creating the Sasser computer worm that infected millions of computers worldwide. The case against the Sasser suspect is due to start soon.
The full news report (in German) on the eBay domain hijacking can be found here.
ZDNet Germany's Martin Fiutak reported from Munich. Ingrid Marson of ZDNet UK contributed to this report.