Home Technology Indian Developer Bags Rs 75 Lakh Bounty For Finding Critical Apple Login...

Indian Developer Bags Rs 75 Lakh Bounty For Finding Critical Apple Login Vulnerability

Apple has paid a $100,000 (~Rs 75 lakh) bounty to a 27-year-old Indian researcher Bhavuk Jain for cracking a critical and zero-day vulnerability that he found within the ‘Sign in with Apple’ ability that is found on some websites and several third-party applications. The critical flaw, according to Jain, could have allowed hackers to break into an Apple user’s account details who log into third-party apps like Dropbox, Spotify, Airbnb, Facebook-owned Giphy and more.

Launched in 2019, the “Sign in with Apple” feature allowed users to simply and quickly sign into third-party apps by sharing their Apple email IDs. Interestingly, when logging in, Apple used to authenticate a JWT (JSON Web Token) which used to contain the user’s Apple ID email addresses as well. However, If the user decided to hide the Email ID, Apple generated its own user-specific Apple relay Email ID. That’s where the bug existed.

According to Jain, he could request a JSON Web Token for any legitimate Apple account and the sign-in would be verified valid each time. This, Jain said, is a critical flaw that could allow a hacker to take over any account as he only needed to know the email addresses associated with an Apple ID to get a validated token and obtain access.

“The Sign in with Apple works similarly to OAuth 2.0. I found I could request JWTs (JSON Web Tokens) for any Email ID from Apple and when the signature of these tokens was verified using Apple’s public key, they showed as valid,” Jain said. “This means an attacker could forge a JWT by linking any Email ID to it and gaining access to the victim’s account,” he added.

According to Jain, this critical vulnerability may have had a long-lasting impact on hundreds and thousands Apple users as it could have allowed a full account takeover.

“This bug could have resulted in a full account takeover of user accounts on that third party application irrespective of a victim having a valid Apple ID or not,” Jain said. It is worth noting that Apple has made ‘Sign in With Apple’ mandatory for a lot of developers since it is mandatory for applications that support other social logins.

While Apple is yet to release an official statement on the development, but Jain asserted that Apple carried out an investigation and patched this critical bug. The Cupertino-based tech giant also ensured there was no misuse or account compromise due to this vulnerability, following Jain’s report.


Source link

Leave a Reply

Most Popular

India’s revised FTP and domestic cricket season to be discussed on Apex Council meet on July 17 | Cricket News

TOI Photo. NEW DELHI: The BCCI will work on finalising India's revised Future Tours Program and the domestic season when it...

Sushmita Sen sends out Guru Purnima wishes with THIS lovely family photo | Hindi Movie News

Sushmita Sen is an avid social media user. The actress is known for her workout posts, motivational messages and cute pictures of her daughter...

BCCI secretary Jay Shah shares photograph of ‘magnificent Motera’ | Cricket News

NEW DELHI: Board of Control for Cricket in India (BCCI) secretary Jay Shah on Sunday tweeted a...

Anand Ahuja adorably crashes Sonam Kapoor’s interview | Hindi Movie News

Sonam Kapoor and Anand Ahuja are one of the most adored couples in Bollywood. Amid lockdown, the actress treated us with their goofy videos...