PayPal Two-Factor Authentication Broken

HardOCP News · Jun 27, 2014

It looks like PayPal is finally getting around to doing something about its broken two-factor authentication system.

Lanier, whose team also created a proof-of-concept demonstrating how the bug could be exploited, says the worst-case scenario would be an attacker gaining access to a user's password, bypassing the second factor of authentication, and transferring money from the victim's account. "An attacker could use someone's credentials they got from a password dump" to bypass the second factor step in logging into the account, he says.

Gweenz · Jun 27, 2014

Steve said:
It looks like PayPal is finally getting around to doing something about its broken two-factor authentication system.

No, the worst-case is the attacker then using that money to buy your mother and pimping her out.

Aluisious · Jun 27, 2014

I'm not sure anything ever escalated faster than this.

PayPal Two-Factor Authentication Broken

HardOCP News

[H] News

Gweenz

[H]ard|Gawd

Aluisious

2[H]4U