Loopholes are a big issue for financial institutions dealing with large sums of money. Recent breaches of Chase, Target & other big name brands are no joke or laughing matter. It should also be noted that this incident should not be swept under the carpet either.
With loopholes waiting to be exploited against these big corporations, there is no telling how much money can be acquired by the time they notice and patch the vulnerability up.
PayPal’s Security At Risk?
Let’s be real here, PayPal was never safe nor secure from the moment they started proposing their ninja security. It is the reason so many accounts are hijacked and sold in the underground market. There are sites who sell stolen PayPal’s with money, but be weary as it is not a fictional ploy but a reality. Digging deeper into the matter, you can find accounts with actual credit cards attached, balances of $20-1000 possibly, real social security numbers, bank accounts, you name it! Make no mistake, keep your PayPal account secure; however, this is not what we will be talking about. Rather, we will talk about the exploit that has surfaced for awhile and surprisingly still possible today.
Double Your PayPal Money In These Short Steps
Just to be clear, we are not advocating this nor promoting the idea of doing this. We are outlining the steps as to what the exploit is and users do it.
What you need in order to make this possible is three PayPal accounts. The exploit was brought to attention by a former NASA hacker by the name of Razvan Cernaianu. However, it could have been well known before, but it has recently started to become more prominent.
How can we pull this off you say? Simple! This will require one personal credit card and the other with virtual credit cards and banks.
- Using the account with your personal credit card, begin a “purchasing” transaction with the second PayPal account with any amount.
- Send the money in the second PayPal account to the third PayPal account.
- Withdraw the money in the third account.
- Wait a period of days or hours and then file a chargeback/dispute from the first account against the second account.
- Exploit complete.
What’s The Catch?
PayPal disputes require evidence from both sides to resolve the disputes. Since you control both accounts, you can make it to where PayPal favors the buyer’s side.
So what was the result of this?
You Sent X amount to “buy” something from account A to account B.
Account B sent money to account C.
Account A files a chargeback/dispute.
Account B goes negative while account C is unharmed.
Dispute/chargeback gets resolved, and money is returned to account A.
Money in account A is back to the original amount sent while account C withdrew that money resulting in doubling of funds.
Will This Last Long?
Very unlikely, this will get patched the more people discover and attempt this. The transactions between accounts almost seem unrelated at first, but can become noticeable if the same account files disputes & chargebacks with other accounts.
Sooner or later, PayPal will take notice and begin to limit accounts if any traces or hints are left that you own the accounts.
Bottom line is; it is a flaw in PayPal’s system that makes it “possible” to double your money. It has been brought up by many security experts to PayPal, but PayPal has yet to implement a safeguard against it.
We do not not advise this nor recommend you do this. You hold all responsibility and any consequences behind it.