Google Wallet vulnerable to attacks aimed to retrieve your PIN number

2
Google Wallet vulnerable to attacks aimed to retrieve your PIN number
A simple "brute force" attack of Google Wallet's SHA256 hex-encoded string that contains your PIN number, can reveal it to hackers in just ten thousand combinations.

The security researchers that discovered the vulnerability proved how easy it is by writing the app Wallet Cracker, which extracted the PIN in no time. While digging through the open source code, they also found unique user IDs and the Google account information, rounding up the tools one would need to easily poach your associated card account.

Google has been made aware of the issue, and is working with the banks and security software providers involved to remedy this. In the meantime, the researchers suggest you abstain from rooting your handset, update your software regularly, enable the lock screen, and uncheck the "USB Debugging".

source: zvelo via Engadget


New reasons to get excited every week

Get the most important news, reviews and deals in mobile tech delivered straight to your inbox

FCC OKs Cingular\'s purchase of AT&T Wireless