Google Wallet Hacked Again, Now You Should Panic
What makes the new hack so dangerous is that it requires absolutely no hacking. While yesterday's exploit required you to crack encrypted files, today's requires you to simply clear the data in the app settings. Doing so forces Google Wallet to reset itself and prompt the user for a new PIN. Once that's done, the attacker ties in a Google PrePaid card to the account and prestoall previously available funds are once again accessible. The method has been tested by multiple sources and confirmed by Google itselfthis is not a drill.
Google has issued a statement regarding the new method, We strongly encourage anyone who loses or wants to sell their phone to call Google Wallet support toll-free at 855-492-5538 to disable the prepaid card. We are currently working on an automated fix as well that will be available soon. We also advise all Wallet users to set up a screen lock as an additional layer of protection for their phone.
http://gizmodo.com/5883913/google-wallet-has-been-hacked-again-now-you-should-panic
Angleae
(4,482 posts)hobbit709
(41,694 posts)TygrBright
(20,756 posts)I use my phone for making and receiving phone calls!
Ain't that WEIRD?
amusedly,
Bright
You can do a lot with a "dumb" phone provided you have sms. Text your query to 466453 (GOOGLE) and they'll text back your results. For example:
truedelphi
(32,324 posts)Google stands with an entourage of companies that want us to put EVERYTHING into the Cloud.
The continual refrain these days is: "Cloud is good. Put your data on the cloud. It is good for you! And everyone will be doing it, so get a head start on them!"
If they cannot guarantee the simple accomplishment for something like total security for an app, Gawdess help us all ten years from now when EVERYTHING is in the cloud.
One thing I will guarantee - I will be the last computer user on Earth that uses the Cloud!
discntnt_irny_srcsm
(18,479 posts)...as long as I own the cloud. I have my own. I bought 2 NAS boxes and a built a WHS system. My home network is accessible from the internet via a dynamic dns.
douglas9
(4,358 posts)On Saturday, Google announced that it was temporarily shutting down the use of prepaid credit cards for its Android-based Google Wallet payment service. At the time, Google said it had discovered a flaw in the system that would have allowed the "unauthorized use of an existing prepaid card balance if someone recovered a lost phone without a screen lock."
Late on Tuesday, Google announced that Google Wallet can once again use new prepaid credit cards thanks to the company fixing the security flaw. The post stated:
While were not aware of any abuse of prepaid cards or the Wallet PIN resulting from these recent reports, we took this step as a precaution to ensure the security of our Wallet customers.
Google had come under some fire from users after a research report from Zvelo claimed last week that Google Wallet's PIN codes could be cracked via brute force methods. However, both Zvelo and Google stated this method would work only on Android-based smartphones that had been rooted. Google has also stated publicly that it strongly discourages using Google Wallet on rooted Android phones.
http://www.neowin.net/news/google-wallet-security-issue-fixed-pin-numbers-still-at-risk