Egyptian ‘ethical hacker’ gets $10,000 reward from PayPal

Directnic
network-security

Not all hackers are malicious.

Yasser Ali, an Egyptian student and ‘ethical hacker’ found a pair of serious vulnerabilities at PayPal, including a method that allowed a “single click” infiltration of user accounts.

The PayPal security team fixed the gaping holes that would allow cross site request forgers to execute authorized commands, eventually taking full control of PayPal accounts.

In addition, the same ethical hacker found and reported that security questions on PayPal accounts were not locked with a password authentication mechanism, thus allowing him to modify PayPal profiles at will.

PayPal rewarded him with $10,000 dollars as a bounty, per the PayPal vulnerability reporting program that allows security experts to report issues.

You can view a video of Yasser Ali’s demonstration of the PayPal account infiltration below.


Facebooktwittergoogle_plusredditpinterestlinkedinmail
Copyright © 2017 DomainGang.com · All Rights Reserved.

Comments

One Response to “Egyptian ‘ethical hacker’ gets $10,000 reward from PayPal”
  1. wow nice one, congrats Yasser Ali , u found worth for $10k … nice to know that PayPal rewarded him.

Leave a Reply

Your email address will not be published. Required fields are marked *

 characters available