[Asia Economy Reporter Yuri Choi] The signature key of the simple payment app 'Payco' was leaked last August. If the leaked signature key is misused, voice phishing apps can disguise themselves as legitimate apps and steal customer information, raising concerns about potential damage. Payco plans to change the signature key and update the app within this week.
According to NHN Payco on the 5th, the signature key leak was identified last August. Security solution company Everspin reportedly detected 5,144 malicious apps created using the leaked signature key. If malicious apps are forcibly installed through links in text messages or other routes, personal information leakage and other damages may occur.
After recognizing the signature key leak, Payco assessed the impact on services including potential malfunctions and has been working on changing the signature key. They explained that there is no problem if the Payco app is downloaded normally through the store, except for forced installations via abnormal routes such as download links in text messages.
The exact route through which the signature key was leaked is still under investigation, and measures to disable the operation of the created malicious apps are being devised. Additionally, an app update using a new signature key is planned for this week.
An NHN Payco official stated, "There has been no leakage of personal information of existing Payco users, and there is no issue when downloading the legitimate app from the app store."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
![User Who Sold Erroneously Deposited Bitcoins to Repay Debt and Fund Entertainment... What Did the Supreme Court Decide in 2021? [Legal Issue Check]](https://cwcontent.asiae.co.kr/asiaresize/183/2026020910431234020_1770601391.png)
