Paypal for iPhone Wi-Fi exploit discovered, patched

It seems a security hole in Paypal's iPhone app has been discovered that would allow hackers to access user's Paypal username and passwords over Wi-Fi. The "man-in-the-middle attack" let's the hacker come between the user input information and Paypal's servers. Although this is dangerous, it does require the hacker to be on the same Wi-Fi connection as the user in order to steal their information.

Airports, train stations, coffee shops, and other public Wi-Fi locations are the most susceptible. Paypal has issued a statement assuring if anyone does fall victim to this exploit, Paypal will cover 100% of all fraudulent charges. Paypal spokeswoman Amanda Pires had this to say -

"To my knowledge it has not affected anybody," Ms. Pires said. "We've never had an issue with our app until now."

Isn't that how it typically works, though? You don't have problems, until you do. And this is a large one. I'd highly suggest updating ASAP, the update is available via the App Store now.


[via WSJ]

Have something to say about this story? Leave a comment! Need help with something else? Ask in our forums!

Allyson Kazmucha

Senior editor for iMore. I can take apart an iPhone in less than 6 minutes. I also like coffee and Harry Potter more than anyone really should.

More Posts



← Previously

Apple's dead pixel policy for iPhone, iPad

Next up →

Verizon iPhone probably not coming next week

Reader comments

Paypal for iPhone Wi-Fi exploit discovered, patched