G2A Shopping Vulnerability Left Unpatched for 8 Months: Hackers Exploiting to Get Products for Free

Tuesday, December 10, 2024

In a shocking revelation, a critical vulnerability in G2A’s shopping platform has reportedly gone unpatched for over eight months. Cybersecurity experts have raised alarms as this flaw is actively being exploited by hackers to bypass payment systems, allowing them to acquire products for free.

The Exploit
The vulnerability, believed to reside in the payment validation process, enables attackers to manipulate purchase data. Reports suggest that by leveraging simple scripts or browser-based tools, malicious actors can complete transactions without actual payment, leaving sellers and the platform itself with significant financial losses.

Why Hasn’t It Been Fixed?
Despite multiple notifications from security researchers and affected users, G2A has yet to deploy a fix. This prolonged delay has raised questions about the company’s commitment to user security and fraud prevention.

Security analysts speculate that patching the vulnerability might require significant changes to the platform’s backend, which could be causing delays. However, such a delay, especially in a high-risk environment like online marketplaces, is unacceptable to many users.

Hackers Still Exploiting the Loophole
The lack of a fix has turned G2A into a playground for cybercriminals. Reports indicate that products, ranging from video game keys to premium software licenses, are being stolen through these exploits. Many hackers are even boasting about their gains on underground forums, further encouraging others to exploit the system.

The Impact on Sellers
Sellers on the platform have reported significant losses as fraudulent purchases continue to rise. Many small-scale vendors have called for immediate action, warning that this could drive them out of business.

A Call to Action
This situation underscores the urgent need for companies to prioritize cybersecurity. As this issue remains unresolved, G2A risks losing the trust of both its buyers and sellers.

For now, users are advised to remain vigilant and monitor their transactions closely. Sellers are encouraged to report fraudulent activities and push for immediate remediation of the issue.

Let’s hope G2A addresses this glaring problem before it causes irreparable damage to its platform and community.

G2A exploit: 2/1/2024 (reported by Undercode)

G2A: 10/12/2024, reported on Pastebin by an unknown hacker

References:

Undercodenews.com

Cynthia M. (Undercoder)