PayPal security; How Brian Krebs's account was violated

Hackers managed to gain access to the PayPal account (twice in fact) which investigative reporter Brian Krebs on Christmas Eve. However, Krebs managed to stop them twice from trying to transfer money to an account linked to ISIS.card security lock PayPal

Krebs, who has been the target of several previous unsuccessful defamation attempts (he was most recently mailed heroin by ) calculates that his account was taken over using social engineering and not by breaking his password.

“The attacker just called her πελατών της PayPal, προσποιήθηκε ότι είμαι εγώ, και ήταν σε θέση να επαναφέρει τον κωδικό πρόσβασής μου με την παροχή των τεσσάρων τελευταίων ψηφίων του αριθμού Κοινωνικής Ασφάλισης μου και τα τέσσερα τελευταία ψηφία μιας παλιάς πιστωτικής μου Krebs says in his blog.

The second hack was done, while PayPal had previously promised to track the journalist's account for suspicious activity after the first attack he received only a few hours ago, the reporter said.

The black hats who gained access to Krebs' account tried to transfer money to the account of Junaid Hussain (yes he of ISIS), recently killed by a US drone strike in Syria.

PayPal has currently locked Krebs' account. However, the whole incident serves to remind us of the weaknesses of PayPal's anti-scam systems, as well as the weakness of its two-factor authentication technology via .

The technology used by PayPal, and called it Security Key, did not prevent the account from being breached.

"PayPal Security Key is not useful if the company lets thieves reset your phone password using your Social Security number," said the researcher.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by Dimitris

Dimitris hates on Mondays .....

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).