• Press Releases
    • Submit a press release
    • Read All
  • Contact us
Advertise
Bitcoinist.com
No Result
View All Result
  • Bitcoin
    • News
    • Price
    • Businesses
    • Acceptance
    • Technology
    • Investment
    • Regulation
    • Reviews
    • All Bitcoin News
  • Altcoins
    • News
    • Price
    • Ethereum
    • Ripple
    • Litecoin
    • EOS
    • NAGA
    • All Altcoin News
  • Tech
    • Blockchain
    • Security
    • FinTech
    • Price
      • Bitcoin Price
      • Ethereum Price
      • Binance Coin Price
      • Litecoin Price
  • Industry
    • Industry News
    • Press Releases
  • How to
    • Buy gift cards/mobile Top Ups with Cryptos
    • What Is Bitcoin?
    • Best Bitcoin Wallet
    • Bitcoin vs Ethereum
    • Why Use Blockchain Technology?
    • Bitcoin Cash ABC vs. Bitcoin Cash SV
    • How to Buy Cryptocurrency
    • How to do Crypto Gambling
      • Crypto Casinos
        • Ethereum Casinos
        • Solana Casinos
        • LiteCoin Casinos
        • DogeCoin Casinos
        • Live Crypto Casinos
        • New Casinos
        • Instant Withdrawal Casinos
        • Cash App Casinos
        • No KYC Casinos
        • VPN Casinos
        • Offshore Casinos
          • Crypto Casinos IT
          • Crypto Casinos ES
            • All Guides
          • Crypto Casinos JP
          • Crypto Casinos SG
          • Crypto Casinos MY
          • Crypto Casinos KR
          • No GAMSTOP Casinos in UK
          • No Cruks Casinos NL
      • Crypto Betting
        • No ID sportsbooks
    • Play Crypto Games
      • Crypto Poker
      • Crypto Slots
      • Crypto Blackjack
      • Crypto Crash Gambling
        • Aviator Sites
      • Plinko
    • Bitcoin Mining
    • Best Bitcoin Brokers
    • Best Bitcoin Forex Brokers
    • How To Earn Bitcoin
    • What is Facebook Libra?
    • Ripple and XRP: The Complete Guide
  • Events
  • Play Games
Breaking News: DOJ's Largest Bitcoin Seizure: $15 Billion In BTC Linked To Cambodian 'Pig Butchering' Scam
  • Bitcoin
    • News
    • Price
    • Businesses
    • Acceptance
    • Technology
    • Investment
    • Regulation
    • Reviews
    • All Bitcoin News
  • Altcoins
    • News
    • Price
    • Ethereum
    • Ripple
    • Litecoin
    • EOS
    • NAGA
    • All Altcoin News
  • Tech
    • Blockchain
    • Security
    • FinTech
    • Price
      • Bitcoin Price
      • Ethereum Price
      • Binance Coin Price
      • Litecoin Price
  • Industry
    • Industry News
    • Press Releases
  • How to
    • Buy gift cards/mobile Top Ups with Cryptos
    • What Is Bitcoin?
    • Best Bitcoin Wallet
    • Bitcoin vs Ethereum
    • Why Use Blockchain Technology?
    • Bitcoin Cash ABC vs. Bitcoin Cash SV
    • How to Buy Cryptocurrency
    • How to do Crypto Gambling
      • Crypto Casinos
        • Ethereum Casinos
        • Solana Casinos
        • LiteCoin Casinos
        • DogeCoin Casinos
        • Live Crypto Casinos
        • New Casinos
        • Instant Withdrawal Casinos
        • Cash App Casinos
        • No KYC Casinos
        • VPN Casinos
        • Offshore Casinos
          • Crypto Casinos IT
          • Crypto Casinos ES
            • All Guides
          • Crypto Casinos JP
          • Crypto Casinos SG
          • Crypto Casinos MY
          • Crypto Casinos KR
          • No GAMSTOP Casinos in UK
          • No Cruks Casinos NL
      • Crypto Betting
        • No ID sportsbooks
    • Play Crypto Games
      • Crypto Poker
      • Crypto Slots
      • Crypto Blackjack
      • Crypto Crash Gambling
        • Aviator Sites
      • Plinko
    • Bitcoin Mining
    • Best Bitcoin Brokers
    • Best Bitcoin Forex Brokers
    • How To Earn Bitcoin
    • What is Facebook Libra?
    • Ripple and XRP: The Complete Guide
  • Events
  • Play Games
Bitcoinist.com
No Result
View All Result
Breaking News: DOJ's Largest Bitcoin Seizure: $15 Billion In BTC Linked To Cambodian 'Pig Butchering' Scam
Bitcoinist_Malicious Code

Recent PayPal Exploit Shows Benefits of Decentralized Payment Solutions

Jp Buntinx
by Jp Buntinx
9 years ago
·
Posted in Bitcoin, Bitcoin Breaking News Brief, Breaking Bitcoin News, Breaking News, Companies, News, News teaser
Trusted Editorial content, reviewed by leading industry experts and seasoned editors. Ad Disclosure

Online payments are becoming more and more important every day, but that doesn’t mean the platforms we use are stepping up their security game. PayPal, one of the largest online payment processors in the world, recently fell victim to a bug in their account system, allowing users to send malicious code through confirmation emails. Luckily, the person discovering this issue has reported the exploit to PayPal through their bug bounty program, rather than using it for malicious intent.

Also read: Cashila Announces Convenient Buy and Sell Feature For Ethereum

Sending Malicious Code With PayPal Confirmation Emails

Bitcoinist_Malicious Code Paypal

Larger online payment processing platforms have a bigger chance of becoming vulnerable to some form of exploit sooner or later. Luckily for PayPal, German security researcher Benjamin Kunz Mejri discovered a flaw which he reported to the company immediately. If someone else had made this discovery, the company would have been off far worse.

The way this exploit works is by sending emails with malicious code through an existing PayPal account. Sending an email to a different PayPal user requires users to fill in a name – usually first and last name – but it turned out that entry field could be filled with random code, including malicious scripts.

Doing so was not as straightforward as it sounds, though, as Mejri had to bypass a security filter, which can be seen in the video below this article. Once that step was completed, he used the Paypal feature to share an account with other users by adding multiple email addresses. This feature can be compared to a multisignature Bitcoin wallet, albeit with entirely different security precautions.

All of the email addresses on the list to share this particular PayPal account with would receive a confirmation email to accept this invitation. Once a user opens this email, the malicious code is executed in the background, originating from PayPal’s servers. As most people have guessed by now, this method makes it rather easy to execute phishing attacks against other users, while ensuring the email sender is PayPal, rather than spoofing the header.

Other exploits included session hijacking, and even redirecting the user to different web pages or websites. Luckily for all PayPal users, this exploit has been patched in early March 2016, and Mejri received a US$1,000 bounty for reporting this security flaw. White hat hackers are of incredible value to financial service providers, which is why companies such as PayPal have their bug bounty program.

Bitcoin is An Answer To Centralized Services

Bitcoinist_Malicious Code Paypal Bitcoin

Although Paypal is one of the most popular online payment processors in the world, their entire business model is as centralized as it can get. Not only do they take a cut of every transaction – and quite a big one too – but they also hold on to customer funds when both depositing and withdrawing money. Relying on a service with a central point of failure is putting consumer’s funds at risk.

Bitcoin, on the other hand, is entirely decentralized at its core, although there are centralized platforms in this ecosystem as well. Financial control is something very few consumers are accustomed to,  and no longer relying on centralized services requires a major mind shift. However, for those willing to take financial matters into their own hands, Bitcoin is a viable option.

What are your thoughts on this recent PayPal vulnerability? Let us know in the comments below!

Source: Tweakers (Dutch)

Images courtesy of PayPal, Shutterstock

Editorial Process for bitcoinist is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict sourcing standards, and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.
ShareTweetShareShare

Sign Up for Our Newsletter!

For updates and exclusive offers enter your email.

I consent to my submitted data being collected and stored.
Jp Buntinx

Jp Buntinx

Follow

JP Buntinx is a freelance Bitcoin writer and Bitcoin journalist for various digital currency news outlets around the world. In other notes, Jean-Pierre is an active member of the Belgian Bitcoin Association, and occasionally attends various Bitcoin Meetups in Ghent and Brussels

Full Profile

Related Posts

Трейдинг

Snorter собрал $5,3 млн — до конца предпродажи 5 дней

2 hours ago
Maxi Doge

Защо Maxi Doge може да се окаже следващият Dogecoin и кои са най-добрите предпродажби в момента?

2 hours ago
Bitcoin

Forget Bitcoin’s Halving — The ‘Business Cycle’ Is The Real Market Killer: Analyst

11 hours ago
Doge

Dogecoin не сдал позиции: рынок ждет решающего импульса

23 hours ago
Bitcoin Hyper

มาแรงสวนตลาด! Bitcoin Hyper ระดมทุนทะลุ 24 ล้านดอลลาร์

1 day ago
แม่เหล็กดึงดูดเหรียญ Bitcoin เปล่งพลังงานสีน้ำเงิน

ถึงเวลาช้อน? สถาบันกว้านซื้อ Bitcoin มากกว่าที่ขุดได้ 6 เท่า

1 day ago
Please login to join discussion

Premium Sponsors

Press Releases

  • bonus kcex

    Bonus KCEX: promozione da $21.000 con un bonus deposito del...

    1 hour ago
  • Maxi Doge

    Защо Maxi Doge може да се окаже...

    3 hours ago
  • 挖 1 枚比特幣耗電可供 61...

    4 hours ago
  • KCEX стартира бонус за търговия от...

    23 hours ago
  • โปรโมชั่นโบนัสสำหรับผู้ใช้ใหม่จาก KCEX แจกสูงสุด 21,000 USDT

    KCEX จัดหนัก!...

    2 days ago

Bitcoin news portal providing breaking news, guides, price analysis about decentralized digital money & blockchain technology.

Bitcoin

  • News
  • Price
  • Businesses
  • Acceptance
  • Technology
  • Investment
  • Regulation
  • Reviews

Altcoins

  • News
  • Price
  • Ethereum
  • Ripple
  • Litecoin
  • EOS

Categories

  • Blockchain
  • Security
  • FinTech
  • Technology
  • Trending
  • Breaking News
  • Press Releases
  • How to

About Us

  • Advertise
  • Contact us
  • Editorial Policy
  • Privacy Policy
© 2025 Bitcoinist.com. All Rights Reserved.
  • Bitcoin
    • News
    • Price
    • Businesses
    • Acceptance
    • Technology
    • Investment
    • Regulation
    • Reviews
    • All Bitcoin News
  • Altcoins
    • News
    • Price
    • Ethereum
    • Ripple
    • Litecoin
    • EOS
    • NAGA
    • All Altcoin News
  • Tech
    • Blockchain
    • Security
    • FinTech
    • Price
      • Bitcoin Price
      • Ethereum Price
      • Binance Coin Price
      • Litecoin Price
  • Industry
    • Industry News
    • Press Releases
  • How to
    • Buy gift cards/mobile Top Ups with Cryptos
    • What Is Bitcoin?
    • Best Bitcoin Wallet
    • Bitcoin vs Ethereum
    • Why Use Blockchain Technology?
    • Bitcoin Cash ABC vs. Bitcoin Cash SV
    • How to Buy Cryptocurrency
    • How to do Crypto Gambling
      • Crypto Casinos
      • Crypto Betting
    • Play Crypto Games
      • Crypto Poker
      • Crypto Slots
      • Crypto Blackjack
      • Crypto Crash Gambling
      • Plinko
    • Bitcoin Mining
    • Best Bitcoin Brokers
    • Best Bitcoin Forex Brokers
    • How To Earn Bitcoin
    • What is Facebook Libra?
    • Ripple and XRP: The Complete Guide
  • Events
  • Play Games
Advertise

© 2025 Bitcoinist. All Rights Reserved.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Center or Cookie Policy.