Bitdefender has identified a vulnerability in the operation of PayPal, one of the largest payment processors worldwide, which would have allowed attackers to send specially created files to force the execution of malicious code on users’ computers. Hackers were able to orchestrate large attacks on PayPal customers, say those from Bitdefender.
The company Bitdefender notified PayPal and the vulnerability has been fixed. PayPal not reported until now attacks that have based on this type of attack, but there is not enough information to exclude that this vulnerability was fully or some target to similar to PayPal customers.
The vulnerability identified depends on the way that PayPal process and encrypts links to files uploaded by users – invoices, receipts, payment orders. Once known algorithm which generates these links, attackers could insert malicious code and distribute files containing links to valid PayPal customers.
“The consequences of this attack could have affected the company’s clients, given that attackers could use the platform to spread the virus to a large number of users. These types of attacks raised interest villains because they can distribute viruses masked in messages delivered through services that trust, “says Catalin Cosoi, Chief Security Strategist in the Bitdefender.
BitDefender specialists have loaded an HTML document which was executed successfully, causing the server to display a page PayPal impaired, that potential attackers could upload malware, taking full control over the victim’s computer. Research has revealed that people using Firefox could have easily exposed to attacks, because the document is executed directly in the browser, while in other cases PayPal customers must download the file for access by computer. However, while the document came from a legitimate source, users would be executed without them suspicious.
