Banking Trojan TrickBot is no longer hitting only banks and financial institutions, but also added payment processing and Customer Relationship Management (CRM) providers to its list of targets.
Supposedly developed by the same gang that previously operated the Dyre Trojan, TrickBot was first spotted in the summer of 2016, and initially detailed in October. By November, the malware was being used in widespread infection campaigns in the UK and Australia, and popped up in Asia the next month. Earlier this year, it started targeting the private banking sector. The 26 active TrickBot configurations observed in May 2017 were targeting banks.Read more
UK security researcher Henry Hoggard has found a very simple method of bypassing PayPal's two-factor authentication (2FA) mechanism, allowing an attacker to take over PayPal accounts in less than a minute.
The researcher claims to have discovered this method while in a hotel with no telephone signal, and no way to receive the 2FA verification code to his device via SMS. The researcher says the problem was found in the "Try another way" link that appears under the 2FA section of the login screen. PayPal provides this option to PayPal account owners for situations when they can't reach their phone, or they have no signal, as was case for him.Read more
Hackers are spreading the Chthonic banking trojan via legitimate-looking PayPal emails, security outfit Proofpoint has warned. The emails are 'authentic' and don't trigger antivirus warnings because they come via PayPal from accounts that appear to be legitimate.
"The sender does not appear to be faked. Instead the spam is generated by registering with PayPal and then using the portal to request money," said Proofpoint in a security advisory. The attackers take advantage of a feature that allows users to include notes when sending money request messages. One sample picked up by Proofpoint showed that Gmail failed to block the email since it appeared to be legitimate.Read more
PayPal has addressed a vulnerability that could have been exploited by hackers to insert malicious images into payment pages. Security researcher discovered that the URL of payment pages set up by PayPal users included a parameter called “image_url.”
The value of this parameter could have been replaced with a URL pointing to an image hosted on a remote server. This could have allowed an attacker to use a third-party vendor’s PayPal payment page to deliver malicious images. An attacker could have exploited this vulnerability by getting an unauthenticated user to click on a specially crafted link.Read more
PayPal has patched a security issue which could allow attackers to exploit the platform for the purpose of sending malicious emails. Researcher revealed the existence of an application-side mail encoding web vulnerability and filter bypass issue in the official PayPal online Web application.
Granted a Common Vulnerability Scoring System score of 3.9, the security problem is considered a "medium" threat to the online payment provider's services. If exploited, cyberattackers are able to inject malicious codes into the mail header of emails sent via PayPal's portal. Cyberattackers were able to compromise PayPal's systems.Read more
PayPal has fixed a serious vulnerability in its back-end management system that could have allowed attackers to execute arbitrary commands on the server and potentially install a backdoor.
The vulnerability is part of a class of bugs that stem from Java object deserialization and which security researchers have warned about a year ago. In programming languages, serialization is the process of converting data to a binary format for storing it or for sending it over the network. Deserialization is not an issue in itself, but like most processes that involve processing potentially untrusted input, measures need to be taken to ensure that it is performed safely.Read more
Under specific conditions, PayPal can ask users to confirm their identity to prevent frauds. When users are asked to verify their identity, their account is not accessible and in order to unblock it PayPal request them to make a call or send an email to its service and complete the procedure.
Mejri explained that a vulnerability affecting the PayPal mobile app that can be exploited by attackers to access blocked accounts through repeated login attempts that leverage valid session cookies. The same trick could be used to bypass two-factor authentication process, once the attacker successfully accesses the account is it able to change its settings.Read more
Evaluating online cybersecurity awareness of 2,011 consumers from the USA and United Kingdom, a new survey by One Poll and Dimensional Research revealed that a lot of respondents believe using a third party payer such as PayPal or Google Wallet is the safest way to pay for goods online.
With so many retail breaches this year, it is not surprising that people are now more comfortable shopping online. However, consumers still need to be wary of where they are storing their data. Third party payment providers make the online shopping experience easier, but they can and will be targeted just the same as the retailers themselves.Read more
The hectic shopping season isn't just about finding perfect gifts. It's also prime time for identity thieves to snag your info. Avoiding long lines and cranky crowds are just two of the benefits of online shopping.
But getting hacked while buying a toy playset from the hit movie "Frozen" through an online seller is a real shopping risk, too. It may seem that protecting yourself from hackers is impossible, given that it's been a banner year for identity theft. In 2014, hackers stole tens of millions of email addresses and credit card numbers from US retailer Home Depot and bank JPMorgan. Fortunately, there are simple steps you can take to protect yourself that don't require expertise in network penetration technology.Read more
The eBay owned popular digital payment and money transfer service, PayPal has been found to be vulnerable to a critical web application vulnerability that could allow an attacker to take control over users' PayPal account with just a click, affecting more than 156 millions PayPal users.
An Egyptian security researcher has discovered three critical vulnerabilities in PayPal website, which could be used by cybercriminals in the targeted attacks. PayPal uses security Auth tokens for detecting the legitimate requests from the account holder, but expert successfully bypassed it to generate exploit code for targeted attacks.Read more