A loophole in PayPal allows users to double the money in their account and that too endlessly. This could be done when the buyer’s credit card number is stolen and used fraudulently or if seller tries to fraud. The loophole resides in PayPal’s Chargeback Process which could be exploited to do fraud with PayPal. A convicted former Romanian hacker, who was arrested in year 2012 for attacking NASA, Oracle, Pentagon, U.S. Army and many more high profile websites. PayPal admitted the flaw to PayPal Security team for bug bounty and they admitted it as a flaw in their Terms of Service (ToS)
Source: https://thehackernews.com/2014/06/loophole-in-paypal-terms-allows-anyone.html