Alleged IDOR Vulnerability in Al Rajhi Bank’s APIs for Sale

Threat Actor: Unknown
Victim: Al Rajhi Bank
Price: $69 in Bitcoin
Exfiltrated Data Type: User shopping carts and potentially sensitive data

Key Points:

  • IDOR vulnerability allegedly discovered in Al Rajhi Bank’s APIs.
  • Flaw allegedly found through fuzzing techniques.
  • Unauthorized access to user shopping carts is possible.
  • Threat actor suggests further exploitation may reveal critical flaws like NoSQL injection.
  • Sale of the vulnerability raises concerns about the black market for banking exploits.
  • Highlights the need for financial institutions to enhance security measures.
  • Al Rajhi Bank is a major investor in Saudi Arabia with over SR 330.5 billion in AUM.
  • The bank operates over 600 branches and has a presence in multiple countries.

A threat actor claims to have found an IDOR (Insecure Direct Object Reference) vulnerability in Al Rajhi Bank’s APIs. An IDOR arises when an endpoint looks up a record by a client-supplied identifier without verifying that the authenticated caller is entitled to that record. The individual allegedly discovered the flaw through fuzzing; the flaw reportedly allows unauthorized access to other users’ shopping carts and possibly other sensitive data.
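To make the claimed flaw concrete, the following is an added, hypothetical example (not code from Al Rajhi Bank or from the post) of a cart endpoint with an IDOR beside the same endpoint with the missing ownership check, plus the kind of sequential-ID sweep a fuzzer would run against both. The users, session tokens, cart IDs and handler names are all constructed for the illustration.

```python
"""Constructed IDOR illustration: a cart-lookup API with and without an
ownership check, and a sequential-ID sweep that shows the difference.
Hypothetical example; not Al Rajhi Bank code and not the seller's exploit."""
from dataclasses import dataclass, field


@dataclass
class Cart:
    cart_id: int
    owner: str
    items: list = field(default_factory=list)


# Constructed sample data: three users' carts with predictable sequential IDs,
# which is what makes enumeration by fuzzing practical.
CARTS = {
    1001: Cart(1001, "alice", ["laptop"]),
    1002: Cart(1002, "bob", ["phone", "case"]),
    1003: Cart(1003, "carol", []),
}

# Constructed session store: bearer token -> authenticated user.
SESSIONS = {"tok-alice": "alice", "tok-bob": "bob"}


def authenticate(token):
    """Return (user, None) on success or (None, error_response) on failure."""
    user = SESSIONS.get(token)
    if user is None:
        return None, (401, {"error": "unauthenticated"})
    return user, None


def get_cart_vulnerable(token, cart_id):
    """IDOR: the caller is authenticated, but the client-supplied cart_id is
    trusted as-is, so any valid session can read any cart."""
    _user, err = authenticate(token)
    if err:
        return err
    cart = CARTS.get(cart_id)
    if cart is None:
        return 404, {"error": "not found"}
    return 200, {"cart_id": cart.cart_id, "owner": cart.owner, "items": cart.items}


def get_cart_fixed(token, cart_id):
    """Fixed: the lookup is scoped to the authenticated user. A cart that is
    missing and a cart owned by someone else both yield 404, so the response
    does not reveal which IDs exist."""
    user, err = authenticate(token)
    if err:
        return err
    cart = CARTS.get(cart_id)
    if cart is None or cart.owner != user:
        return 404, {"error": "not found"}
    return 200, {"cart_id": cart.cart_id, "owner": cart.owner, "items": cart.items}


def enumerate_carts(handler, token, id_range):
    """Crude fuzzer: sweep sequential IDs with one session and collect every
    cart the handler discloses, keyed by cart_id -> owner."""
    leaked = {}
    for cid in id_range:
        status, body = handler(token, cid)
        if status == 200:
            leaked[cid] = body["owner"]
    return leaked


def leaked_foreign_carts(handler, token, id_range):
    """Carts disclosed to `token` that belong to a different user, i.e. the
    IDOR impact. Empty means the handler enforces ownership."""
    user = SESSIONS[token]
    found = enumerate_carts(handler, token, id_range)
    return {cid: owner for cid, owner in found.items() if owner != user}


if __name__ == "__main__":
    sweep = range(1000, 1010)
    print("vulnerable:", leaked_foreign_carts(get_cart_vulnerable, "tok-alice", sweep))
    print("fixed:     ", leaked_foreign_carts(get_cart_fixed, "tok-alice", sweep))
```

The point of the sweep is that IDOR is not a bug in authentication: Alice's token is perfectly valid in both handlers. The defect is that authorization is never tied to the object being fetched, and the fix is to make the owner part of the lookup itself rather than a separate check that can be forgotten on the next endpoint.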

The threat actor is selling this alleged vulnerability for $69 in Bitcoin. They suggest that with some reconnaissance, further exploitation could reveal more critical flaws, such as a possible NoSQL injection.

Although the claim remains unverified, the sale raises concerns about the growing black market for banking exploits. It also underlines the need for financial institutions to strengthen their security measures in an increasingly digital world.

The bank is a major investor in Saudi Arabia’s business sector and is one of the largest joint stock companies in the Kingdom, with over SR 330.5 billion in AUM ($88 billion) and over 600 branches. Its head office is located in Riyadh, with six regional offices. Al Rajhi Bank also has branches in Kuwait and Jordan, and subsidiaries in Malaysia and Syria.


The post Alleged IDOR Vulnerability in Al Rajhi Bank’s APIs for Sale appeared first on Daily Dark Web.