In 2020, cyber gangsters extensively misused a security hole in the PayPal virtual credit cards for unauthorized debits generated for Google Pay. The researchers who discovered the gap at the time had already informed PayPal of the details last week. Although the company claimed that it had finally solved the problem, the analysis showed that the gap remained exploitable. Now PayPal is said to have secretly improved.
The testimonials of cheated PayPal users, who had previously exchanged ideas with others ebbed away. Probably because many users implemented the precautionary measure that was recommended and the scam became unattractive for fraudsters. Apparently, PayPal also implemented an announcement to simply reimburse unauthorized amounts debited, to the satisfaction of the users.
A few weeks earlier, it was still possible to abuse the gap with old virtual credit cards, while PayPal had already checked the expiry date at least for new cards. PayPal had said nothing more in connection with the gaps. It should be noted that they did not carry out extensive tests of the current status, but only a brief check. The fact that Google Pay and PayPal can now be linked with a good feeling cannot be deduced from this. Apparently, many of the users are even said to have protected their two-factor authentication and are therefore protected against hack attacks. There were no abnormalities or indications of a hacker attack in the login activities.
The Vulnerability Is Still Not Resolved
Google: Neither personal data nor financial information was stolen from PayPal customers, nor did third parties have access to PayPal accounts, the company said. So users do not have to change their account access data. At first, PayPal did not disclose the cause of the problem. The vulnerability is still not resolved. Now Google seems to be reacting again.