1. Hey Guest Did you know you can win an Honor 10 phone worth ₹33,000 and an additional ₹70,000 in paytm vouchers, just by replying to some threads and taking part in the discussions happening in the Honor Hub?

    What are you waiting for? Start commenting and start winning! Remember to read the instructions posted here.

    Dismiss Notice

PayPal vulnerability allows access to any account within 30 seconds

Discussion in 'Technology News' started by sygeek, Jun 16, 2011.

  1. sygeek

    sygeek Well-Known Member

    Joined:
    Apr 16, 2010
    Messages:
    2,210
    Likes Received:
    52
    Trophy Points:
    48
    Location:
    Lucknow


    A security vulnerability in PayPal’s systems makes it possible to gain full, unrestricted access to any account within 30 seconds, we’ve heard from Matt Langley of Integrated Computer Enterprises Limited.

    The vulnerability lies in PayPal’s forgotten password recovery features. Says Langley:
    Once the attacker has access, there’s nothing restricting their ability to siphon money out of the account.

    The exploit is, of course, a direct violation of PayPal’s privacy policy and a laundry list of laws, so don’t try this at home — but PayPal needs to act as thieves aren’t particularly concerned with such things.

    After a range of high profile attacks this year, use of this vulnerability would easily topple the Sony PlayStation Network attack as the most significant and damaging of the year. PayPal is used by millions of Internet users to transfer money.

    Our source says that PayPal has been warned previously but ignored his emails. We’ve contacted PayPal on this matter and are awaiting a response.

    [I'm not sharing any hack tricks, just a bug. Don't try to use this method to gain access to any account, you're bound to be caught.]


    The weird fact about this bug is, you can't avoid this on your personal level, it's all upto the company. Looks like I need to hide my email.
     
  2. deathwish

    deathwish Are you dead yet?

    Joined:
    May 14, 2008
    Messages:
    57
    Likes Received:
    1
    Trophy Points:
    0
    Location:
    Recesses of your mind
    Wow!! Now this takes the security issues, or rather security blunders, to a whole new level! If this news breaks out in a big way, it could make most casual users wary of using internet banking, which would push us back a few years in this domain. :|
     
  3. Vyom

    Vyom The Power of x480 Staff Member

    Joined:
    May 16, 2009
    Messages:
    6,047
    Likes Received:
    150
    Trophy Points:
    63
    Location:
    "New" New Delhi
    Scary stuff.
    Hoping PayPal responds soon.
    It's good that, I don't have a PayPal account, for now.
     
  4. gagan007

    gagan007 Uhu, Not Gonna Happen!

    Joined:
    Nov 22, 2005
    Messages:
    1,132
    Likes Received:
    3
    Trophy Points:
    0
    Location:
    Bangalore
    Thanks, I am removing my credit card now!
    Unbelievable! :(
     
  5. Ishu Gupta

    Ishu Gupta Manchester United

    Joined:
    Oct 31, 2010
    Messages:
    2,098
    Likes Received:
    12
    Trophy Points:
    38
    Location:
    Noida
    Paypal in India sucks anyways.
    You can't buy anything and you have to withdraw your balance within 1 week (iirc) or it'll get reset.
     
  6. Vyom

    Vyom The Power of x480 Staff Member

    Joined:
    May 16, 2009
    Messages:
    6,047
    Likes Received:
    150
    Trophy Points:
    63
    Location:
    "New" New Delhi
    I thought in India it's PaisaPay, the substitute of PayPal!
     
  7. Ishu Gupta

    Ishu Gupta Manchester United

    Joined:
    Oct 31, 2010
    Messages:
    2,098
    Likes Received:
    12
    Trophy Points:
    38
    Location:
    Noida
    That's from eBay.
    You can make a Paypal account in India.
     
  8. OP
    OP
    sygeek

    sygeek Well-Known Member

    Joined:
    Apr 16, 2010
    Messages:
    2,210
    Likes Received:
    52
    Trophy Points:
    48
    Location:
    Lucknow
    Paypal in India is close to DEAD! *f word* you RBI.
     

Share This Page