image credit: unsplash
A flaw discovered in some Xiaomi phones(opens in new tab) could have cost users their hard-earned money.
Cybersecurity experts from Check Point Research (CPR) found a flaw in the devices’ mobile payment mechanism, which threat actors could have used to sign fake payments, essentially stealing people’s money.
“We discovered a set of vulnerabilities that could allow forging of payment packages or disabling the payment system directly, from an unprivileged Android application,” commented Slava Makkaveev, Security Researcher at Check Point.” We were able to hack into WeChat Pay and implemented a fully worked proof of concept.”
Comments are closed.
