Skip to main content

Teenage Australian hacker reveals PayPal flaw

posted onAugust 6, 2014
by l33tdawg

A teenage Australian ‘white hat' hacker who found a flaw in PayPal's authentication system in June has now gone public on the problem because PayPal has still not fixed it.

But Melbourne-based Joshua Rogers – who was arrested by armed police earlier this year after he alerted the Victorian Transportation Department to a leak in its 600,000-user database – has divided security industry opinion by going public, with one expert accusing him of doing “a disservice to PayPal users by unnecessarily exposing them to new risks” and “a disservice to the security industry by perpetuating the stereotype of cowboy hackers”.

Rogers, who is 17, says in a 5 August blog post that PayPal's two-factor authentication (2FA) system can be bypassed. The flaw comes through the way PayPal (which is owned by eBay) allows users to link their eBay and PayPal accounts so when they sell something on the auction site, the fees automatically come out of their PayPal account.

Source

Tags

PayPal Security Australia

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th