by Tara Seals, InfoSecurity:
A vulnerability that would have enabled a hacker to completely bypass the authentication system in PayPal has been patched, resulting in a $10,000 bounty for the white-hat that found it.
Worth every penny, too: the flaw put 150 million PayPal customers in danger of having their accounts hijacked with a low-effort, simple gambit.
The flaw was publicly disclosed by Egyptian researcher Yasser Ali, after he saw that the cross-site request forgery (CSRF) Prevention System implemented by PayPal had a critical flaw. The CSRF token for authorization of users is changed with every request made by a user as a security precaution. But, Ali found that the ‘CSRF Auth’ token is reusable for a specific user email address or username, meaning that a hacker could intercept and take possession of the tokens, and then simply reuse them to access the account of the correlated, logged in user.
Please follow SGT Report on Twitter & help share the message.