November 6, 2010 by Brian
This week security firm viaForensics revealed that Paypal’s iPhone app contains a severe vulnerability, which could allow unauthorized persons to get full access to your Paypal account.
This vulnerability used an exploit in app’s code, which allowed to set up fake Paypal sites and intercept users’ login credentials over unsecured WiFi networks.
Paypal quickly patched this exploit and the latest version of Paypal iPhone app (AppStore) should now be safe to use.
So if you do use the Paypal app it’s crucial that you update it now.
However, what if you’ve been affected by this problem, say someone did steal your login information and cleaned out your Paypal account?
Well, thankfully Paypal promised to take full responsibility for whatever might have happened while the exploit was active and promises to refund all those whose accounts were affected.
Still, this is not a good sign to see that major financial institutions’ iPhone apps are so insecure (Read more: WARNING: Bank Of America, Chase, TD Ameritrade, USAA and Wells Fargo iPhone banking apps all have serious security vulnerabilities).
- WARNING: Bank Of America, Chase, TD, USAA and Wells Fargo iPhone banking apps all have serious security vulnerabilities
- Apple iPhone Safari browser memory exhaustion remote Denial of Service vulnerability discovered
- Original iPhone DoS vulnerability still around in iPhone firmware v1.1.4…
Sign up to receive latest iPhone World news and updates via e-mail, RSS, Twitter or Facebook!