Cyber security news for all

More

    Researcher discovers a bug in “Sign in with Apple”

    Apple just had a close shave with a security threat. The tech giants have expressed their gratitude to Indian researcher, Bhavuk Jain, for discovering a potential threat in its sign in with Apple system.

    A whopping sum of $100,000 was given to the researcher by the tech giants. The company also affirmed that its examination, to determine if there was any compromise with users’ data, came up negative.

    On how he found the vulnerability, Bhavuk explained that the absence of validation was the key to the discovery. The process of authenticating a user via “sign in with Apple” instigates the generation of a token, JSON Web Token; which contains hidden data used to ascertain the identity of the signing-in user. Absence of this validation could have created an avenue for the attackers to provide a separate Apple ID belonging to a victim, tricking Apple servers into generating JWT payload that was valid to sign in into a 3rd-party service with the victim’s identity.

     

    The company introduced This sign in with Apple last year in a bid to combat privacy issues. This move was employed as a privacy-preserving login mechanism. This means that users can sign up with third-party platforms and not have to use their email addresses.

    If the vulnerability had been left unchecked, hackers would have gained access to users’ accounts on third-party apps by bypassing authentication.

     

    In a press release, Bhavuk explained that the method employed by Apple to ascertain a user on the client-side, before initiating a request from Apple’s authentication Servers was instrumental in locating the vulnerability. The vulnerability functioned even in the absence of users’ email ID; and could be exploited to create a new account using the victim’s Apple ID.

    The researcher believes that some services and apps offering sign in with Apple might have implemented another authentication method; which could allay the problems of hacking.

    Bhavuk said, “I found I could request JWTs for any Email ID from Apple, and when the signature of these tokens was verified using Apple’s public key, they showed as valid. This means an attacker could forge a JWT by linking any Email ID and gaining access to the victim’s account. The impact of this vulnerability was quite critical, as it could have allowed a full account takeover. Many developers have integrated sign in with Apple since it is mandatory for applications that support other social logins. To name a few that use the sign in with Apple – Dropbox, Spotify, Airbnb, Giphy (now acquired by Facebook).”

     

    Recent Articles

    The warning sent to employees about Tiktok app was a mistake says Amazon

    On Friday morning, Amazon sent out a memo to its employees, asking them to uninstall the popular social media app TikTok off their phone....

    Other Android phones sold in the US contains pre-installed malware

    There’s a discovery of Pre-installed malware on another phone by researchers from Malwarebytes; through the lifeline Assistance program for sale in the United States....

    About 15 billion stolen passwords and usernames sold on the dark web.

    A recent finding has shown that about 15 billion passwords and usernames are distributed on the dark web. This compromise will bring about credential...

    Hundreds of multinational companies aimed by Russian BEC Gang

    According to the security firm Agari, there has been a discovery of a newly uncovered Russia-based business email compromise gang; BEC gang that scams...

    The slamming of undeletable Adware on Android users

    Researchers have discovered that about 14.8% of users of android phones that were targeted with mobile adware or malware the previous year have undeletable...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox