Cyber security news for all

More

    Researcher discovers a bug in “Sign in with Apple”

    Apple just had a close shave with a security threat. The tech giants have expressed their gratitude to Indian researcher, Bhavuk Jain, for discovering a potential threat in its sign in with Apple system.

    A whopping sum of $100,000 was given to the researcher by the tech giants. The company also affirmed that its examination, to determine if there was any compromise with users’ data, came up negative.

    On how he found the vulnerability, Bhavuk explained that the absence of validation was the key to the discovery. The process of authenticating a user via “sign in with Apple” instigates the generation of a token, JSON Web Token; which contains hidden data used to ascertain the identity of the signing-in user. Absence of this validation could have created an avenue for the attackers to provide a separate Apple ID belonging to a victim, tricking Apple servers into generating JWT payload that was valid to sign in into a 3rd-party service with the victim’s identity.

     

    The company introduced This sign in with Apple last year in a bid to combat privacy issues. This move was employed as a privacy-preserving login mechanism. This means that users can sign up with third-party platforms and not have to use their email addresses.

    If the vulnerability had been left unchecked, hackers would have gained access to users’ accounts on third-party apps by bypassing authentication.

     

    In a press release, Bhavuk explained that the method employed by Apple to ascertain a user on the client-side, before initiating a request from Apple’s authentication Servers was instrumental in locating the vulnerability. The vulnerability functioned even in the absence of users’ email ID; and could be exploited to create a new account using the victim’s Apple ID.

    The researcher believes that some services and apps offering sign in with Apple might have implemented another authentication method; which could allay the problems of hacking.

    Bhavuk said, “I found I could request JWTs for any Email ID from Apple, and when the signature of these tokens was verified using Apple’s public key, they showed as valid. This means an attacker could forge a JWT by linking any Email ID and gaining access to the victim’s account. The impact of this vulnerability was quite critical, as it could have allowed a full account takeover. Many developers have integrated sign in with Apple since it is mandatory for applications that support other social logins. To name a few that use the sign in with Apple – Dropbox, Spotify, Airbnb, Giphy (now acquired by Facebook).”

     

    Recent Articles

    TikTok has fixed a serious security gap issue

    TikTok accounts paid a researcher a reward of 4000 dollars after he reported two vulnerabilities as part of a disclosure. A combination of both...

    Passwords should be changed for Fortinet VPNs

    Administrators should change the access for Fortinet VPNs in use. Log-in information for almost 50,000 VPN networks has appeared in various cyber blogs. A security...

    Twitter confirmed to bring back account verification

    Twitter is bringing back verifications for the account verification in the beginning of 2021. Certain users will then be given a control mark again,...

    350,000 Spotify users were hacked

    At the beginning of July this year, security researchers discovered an unsecured database that contained access and other information from 350,000 Spotify users. Spotify...

    Europol sees artificial intelligence as a dangerous cyber threat

    Cyber criminals can use intelligence to carry out attacks more easily and thus cause more damage. Europol is warning of this in a joint...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox