PayPal accounts are getting abused en-masse for unauthorized payments
Hackers discovered a vulnerability within the online payments platform PayPal, which allows attackers to perform illegal transactions. The bug lies within PayPal’s Google Pay integration, and hackers have since been exploiting it to buy products online and incur unauthorized charges. Since last Friday, users have reported unauthorized transactions in their PayPal history, however, most of the victims appear to be German users.
Most of the illegal transactions are taking place at US shopping stores, specifically Target stores, according to various screenshots and testimonies provided by victims. The estimated damages are as high as tens of thousands of euros, and some surpass a thousand euros in a single transaction. PayPal has stated that they are investigating the issue after they failed to fix the vulnerability when it was reported by researchers in February of 2019.