Delete your PayPal account from Google Pay. These accounts are easily hackable
Multiple users have reported on social media unusual activity related to their PayPal accounts. According to cybersecurity specialists, reports relate to unauthorized transactions issued to or from users’ accounts and recorded in history as if they originated from their Google Pay profiles.
Apparently there is a group of threat actors behind this incident. These hackers would have exploited the integration of PayPal and Google Pay, a feature used to link both accounts and create a virtual card. Users can make payments using this card, although PayPal does not ask for additional authorizations to make these transactions.
According to cybersecurity specialists, there
are at least three ways attackers could have accessed information on these
card details from users’ devices
a malware variant to steal information from devices
brute force attacks
In a statement, PayPal mentioned that he was
aware of the situation, although it was revealed that for now the company
cannot reveal further details, as the authorities have already begun to
investigate the incident.
The researchers also mentioned that most of the
reports related to this incident originate in Germany. One of the compromised
users in the European country even mentions that this incident could be related
to a known vulnerability in PayPal that would allow access to this confidential
information to perform unauthorized transactions. “PayPal allows <<contactless>> payments
through Google Pay. If this feature is configured, virtual card details can be
accessed from a smartphone, without authentication. That’s why virtually anyone
near a smartphone with this feature enabled could access the virtual card
details, extracting credit from the victim’s PayPal account,” says the
Cybersecurity experts believe this is really
possible, although it is necessary to say that there are no official
confirmations. According to the International Institute of Cyber Security (IICS),
PayPal has begun to verify all transactions possibly made due to this incident,
so users expect to be able to recover their assets.