Thursday, 11 December 2014

Security Flaws Discovered on Alibaba’s Marketplace

An Israeli research firm said Wednesday that it found security flaws on Alibaba Group’s international marketplace that exposed merchants and shoppers to serious risks. The Chinese e-commerce giant said it has since fixed the problem.

The flaws on the website were discovered in AliExpress, a marketplace that helps Chinese sellers market goods to overseas customers in Russia, Brazil and the U.S., the Wall Street Journal reports.
Israeli researchers from the security firm AppSec Labs said weaknesses in the site could have allowed attackers to take over merchant shops and change prices, alter shipment details and shut down the shop. Customers’ shipping addresses were also exposed. Credit card details, however, were not vulnerable.

Credit card details were not exposed

Alibaba said it resolved the security vulnerability quickly and that no user data was exposed.

Source:
Time Magazine