They hacked a digital wallet and emptied the dollar accounts of Argentine users.
Dozens of Argentine users of a digital wallet that facilitates the movement of money between countries were victims of an attack that in some cases deleted several thousand dollars your accounts. Tool, Pioneer, has gained popularity among freelancers selling services overseas in times of currency restrictions because it allows you to receive payments in foreign currencies without having to calculate currencies using official exchange rates. The attack is apparently based on sending SMS messagesforced Movistar to issue a statement in which it clarified that the content of the messages was beyond its responsibility.
Victims organized through the social network Reddit and filed their claims through X, formerly Twitter, under the hashtag #PayoneerHacked. The issue has yet to receive an official response from Payoneer, a Wall Street-listed company, beyond support contacts in which users were given security instructions and a promise of a response in the coming days.
According to users who posted their cases on social media and spoke with Information Through the Discord platform, losses range from a few thousand dollars to $60,000.
“On Monday at 6 am I received an email from Payoneer that my transfer was on its way. Frightened, I ran to the computer and, opening my account, saw that it was true, there was a transition to another account, I immediately changed the password, but I continued to receive confirmation codes via SMS,” said the artist and illustrator who is selling his account. works through freelancing platforms.
“The transfers continued to go through, so I withdrew some of the funds as best I could by calling Payoneer. They deactivated my account just in case (too late, because there was nothing left to withdraw) and well, they gave me the answer that they gave to everyone. We had to change the email address and wait for the technical department to provide answers on this matter,” he added.
The reason for the hack is unclear. According to computer security consultant and CEO of BTR Consulting, Gabriel Zurdoapparently it was a case of smishing.
“This is a method that, like phishing, aims to send fraudulent messages. The difference is that it is done via SMS,” he said.
However, some users claim that this was a serious vulnerability that allowed attackers to gain access to account recovery codes sent by the company.
“In the case of Payoneer, in our opinion, it is possible to interpret that the SMS could have been sent using the Telefonica network through postal companies. Apparently, they managed to send SMS with codes to reset account passwords and access numbers,” Zurdo commented.
For now, Movistar from Telefonica He clarified that although his network was used to send messages, their content was superior to his.
“From Movistar’s social media posts, it has become known that the company’s customers with accounts on the Payoneer platform were deceived by receiving SMS messages that, through cunning maneuvers, intercepted their credentials from the aforementioned platform,” the company said in a statement. a statement circulated on the former Twitter account.
“In this sense, we inform you that Movistar is not responsible for messages (or their content) that third parties send using its network. Notwithstanding the above, we have taken preventative measures against those numbers from which some clients have reported receiving such messages,” the firm concluded.
At the time of publication of the note, the Payoneer press service responded to Infobae’s request, but has not yet provided details of what happened. They are preparing an official response.