Researchers uncovered a flaw in an API that is already incorporated into numerous bank systems, which might have allowed attackers to steal millions of dollars from consumers.
According to experts, a Server-side Request Forgery (SSRF) bug in an API of a prominent financial technology platform could have compromised millions of bank users, allowing attackers to swindle individuals by managing their bank accounts and funds.
Salt Security Labs discovered the flaw in an API on a web page that enables the organization’s platform fund transfer capability, which allows clients to transfer money from their platform accounts to their bank accounts, according to a study released Thursday.
Read More: https://threatpost.com/ssrf-flaw-fintech-bank-accounts/179247/
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.