Paypal for iPhone Wi-Fi exploit discovered, patched

It seems a security hole in Paypal's iPhone app has been discovered that would allow hackers to access user's Paypal username and passwords over Wi-Fi. The "man-in-the-middle attack" let's the hacker come between the user input information and Paypal's servers. Although this is dangerous, it does require the hacker to be on the same Wi-Fi connection as the user in order to steal their information.

Airports, train stations, coffee shops, and other public Wi-Fi locations are the most susceptible. Paypal has issued a statement assuring if anyone does fall victim to this exploit, Paypal will cover 100% of all fraudulent charges. Paypal spokeswoman Amanda Pires had this to say -

"To my knowledge it has not affected anybody," Ms. Pires said. "We've never had an issue with our app until now."

Isn't that how it typically works, though? You don't have problems, until you do. And this is a large one. I'd highly suggest updating ASAP, the update is available via the App Store now.


Allyson Kazmucha

iMore senior editor from 2011 to 2015.