Lawrence Abrams reports:
Hackers are using an unknown method to make fraudulent charges on PayPal accounts linked via GooglePay. These transactions are being charged through Target stores or Starbucks in the United States even though the account holders are in Germany.
Starting on February 22nd, numerous people in Germany began reporting [1, 2, 3, 4, 5, 6] that their PayPal accounts linked to Google Pay were being charged with fraudulent transactions ranging from €1,73 to over €1800.
Read more on BleepingComputer. Catalin Cimpanu also reports on the situation and has more on the researcher’s theory of how this may have happened. If the researcher is correct, it does not look great for PayPal, as the vulnerability was brought to their attention last last year, he claims.