Google Wallet vulnerable to attacks aimed to retrieve your PIN number

2comments
Google Wallet vulnerable to attacks aimed to retrieve your PIN number
A simple "brute force" attack of Google Wallet's SHA256 hex-encoded string that contains your PIN number, can reveal it to hackers in just ten thousand combinations.

The security researchers that discovered the vulnerability proved how easy it is by writing the app Wallet Cracker, which extracted the PIN in no time. While digging through the open source code, they also found unique user IDs and the Google account information, rounding up the tools one would need to easily poach your associated card account.

Google has been made aware of the issue, and is working with the banks and security software providers involved to remedy this. In the meantime, the researchers suggest you abstain from rooting your handset, update your software regularly, enable the lock screen, and uncheck the "USB Debugging".

source: zvelo via Engadget

Video Thumbnail

Create a free account and join our vibrant community
Register to enjoy the full PhoneArena experience. Here’s what you get with your PhoneArena account:
  • Access members-only articles
  • Join community discussions
  • Share your own device reviews
  • Build your personal phone library
Register For Free

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless