Browser flaw exposes PayPal to hackers

No primary category set

There’s a serious hole blown in PayPal’s security, and there’s very little that PayPal themselves can do to protect users against the exploit.

Internet Explorer, Google Chrome or Apple Safari browsers running on Windows are all affected and the only safe browser is the latest versions of Firefox (version 3.5 or later).

Basically there is a flaw in Microsoft’s CryptoAPI used by many Internet browsers which allows a hacker to display authentic looking pages with https:// URLs. Normally https:// web addresses are secured by SSL certificates, but the flaw allows use of SSL certificates from other sources to be used to replace the PayPal certificate and it’s impossible for the user to spot the difference.

The security flaw was first published in July and Microsoft are yet to release a fix. Until then best practice has to be to use the Firefox browser to access PayPal.

RELATED POSTS..

PayPal USD Stablecoin launched pegged to US$

PayPal USD Stablecoin launched pegged to US$

German Customers switch on to PayPal

German Customers switch on to PayPal

eBay 3PM Shield acquisition bolsters ability to identify fakes

eBay 3PM Shield acquisition bolsters ability to identify fakes

PayPal-Return-Shipping-on-Us-scrapped

PayPal Return Shipping on Us scrapped

Zettle-PayPal

PayPal Launches POS Solution for Small Businesses in the U.S.

ChannelX Guide...

Featured in this article from the ChannelX Guide – companies that can help you grow and manage your business.

Register for Newsletter

Receive 5 newsletters per week

Gain access to all research

Be notified of upcoming events and webinars