#alessandro.ricci

distant ice
#

Hello

#

Can you give me an example of what you are seeing?

#

An example request ID that is

median scarab
#

req_iO9nrDwy251G3C

#

Status 402

distant ice
#

And can you tell me what you mean by "suspicious" exactly?

median scarab
#

We don't call that endpoint in any case; we always use only Stripe pages to make our customers pay. Also, we see Python/3.11 aiohttp/3.8.4 as the source, and we don't use any Python client.

distant ice
#

So this looks like an attempt to tokenize card information using your secret key. I can see it looks like you mostly use a plugin

#

Yep

#

Looks to me from a glance like somehow your secret key got leaked

median scarab
#

Yes, we use the official plugin

distant ice
#

So I'd recommend rolling your keys and updating your plugin with your new keys

median scarab
#

OK, I also see no further attempt to establish any other connection (except a test of mine)

#

We will update the keys

#

How can this happen? The application is inside an Azure container (so the env file is protected) and we don't expose that key to the browser

distant ice
#

I really can't say...

#

Somehow someone got their hands on your key, but I have no way of knowing how that would have happened...