PAYPAL VULNERABILITY ISSUE

Updated: 09/10/2015 10:47
Reprints/Permissions  Hyip Monitor
paypal vunlerability issue
Vulnerability Lab detected security breach at PayPal mobile apps, which allows fraudsters to bypass two-factor authentication and access blocked accounts
Vulnerability Lab detected security breach at PayPal mobile apps, which allows fraudsters to bypass two-factor authentication and access blocked accounts

The founder and the owner of the Vulnerability Lab company Benjamin Kunz Mejri informed about the vulnerability detected in PayPal mobile application, which allows to bypass the two-factor authentication and get access even to the user's account previously blocked. The breach is in iOS and Android systems. With the purpose to prevent fraud in some cases PayPal can request for the customer's identity confirmation and block accounts.

In order to get your account unblocked, one should make a phone call or send e-mail to the address of the service as described in the pop-up form. The vulnerability allows a remote fraudster get access to the account blocked by means of multiple authorization attempts.

Making multiple requests for the form with the existing account, the specialists from Vulnerability Lab managed to bypass the identity confirmation procedure. API loads website content and a customer can enable the personal account into the identification process with the help of the browser. Mr. Mejri claims even if the account is locked, customer can access  it via mobile API with the cookies existing.

This technique also works good to bypass the two-factor authentication, for, once getting access to personal account, fraudsters can easily change its settings, including the password. The head of Vulnerability Lab informed PayPal of this bug early in April 2015. However, the company hasn't fixed the breach yet, possibly not thinking of it as a critical one.


About the author

Joe Wong is another example of a good dependable and collaborative team player with a proven ability to write colorful, persuasive copy. Having impeccable grammar, strong editing skills and a long track record of writing technical, promotional, and advertising articles, reading copies by Joe Wong readers stop and think every time they read the copies, news and articles written by Joe Wong at HYIPNews.com
You May Also Like