Cyber security news for all

Researcher discovers a bug in “Sign in with Apple”

Apple just had a close shave with a security threat. The tech giant has thanked Indian researcher Bhavuk Jain for discovering a vulnerability in its Sign in with Apple system.

Apple paid the researcher a whopping $100,000 bounty. The company also stated that its investigation found no evidence that any user data had been compromised.

On how he found the vulnerability, Bhavuk explained that a missing validation step was the key to the discovery. When a user authenticates with Sign in with Apple, Apple's servers issue a JSON Web Token (JWT) whose payload carries the identity data used to establish who is signing in. Because that validation was absent, an attacker could have supplied the Apple ID of a victim and tricked Apple's servers into generating a JWT payload that was valid for signing in to a third-party service with the victim's identity.

Apple introduced Sign in with Apple last year to address privacy concerns. It was designed as a privacy-preserving login mechanism: users can sign up with third-party platforms without having to disclose their email addresses.

Had the vulnerability gone unchecked, attackers could have bypassed authentication and gained access to users' accounts on third-party apps.

In a press release, Bhavuk explained that the way Apple verifies a user on the client side, before a request is sent to Apple's authentication servers, was instrumental in locating the vulnerability. The flaw worked even when the user's email ID was absent, and could have been exploited to create a new account using the victim's Apple ID.

The researcher believes that some services and apps offering Sign in with Apple may have implemented an additional authentication method of their own, which would have reduced the risk of account compromise.

Bhavuk said, “I found I could request JWTs for any Email ID from Apple, and when the signature of these tokens was verified using Apple’s public key, they showed as valid. This means an attacker could forge a JWT by linking any Email ID and gaining access to the victim’s account. The impact of this vulnerability was quite critical, as it could have allowed a full account takeover. Many developers have integrated sign in with Apple since it is mandatory for applications that support other social logins. To name a few that use the sign in with Apple – Dropbox, Spotify, Airbnb, Giphy (now acquired by Facebook).”
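As an added illustration (not part of the article and not Apple's code), the following Python models the class of flaw described above and in the researcher's quote: a token issuer that copies the requested email into a token it signs, beside a hardened issuer that only signs claims taken from the authenticated session, plus the relying-party verification that cannot tell the two apart because both tokens carry a valid signature. HS256 with a constructed key stands in for Apple's RSA signing; the issuer URL, audience and session values are placeholders.

```python
import base64, hashlib, hmac, json, time

# Constructed demo key and issuer. Apple signs id tokens with RSA (RS256);
# HMAC is used here only so the example runs with the standard library.
SIGNING_KEY = b"constructed-demo-signing-key"
ISSUER = "https://issuer.example"   # placeholder, not Apple's issuer URL

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign_jwt(claims: dict, key: bytes) -> str:
    """Build a compact JWT (header.payload.signature) over the claims."""
    header = _b64url(b'{"alg":"HS256","typ":"JWT"}')
    payload = _b64url(json.dumps(claims, sort_keys=True).encode())
    mac = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(mac)}"

def verify_jwt(token: str, key: bytes, audience: str):
    """Relying-party check: signature, issuer, audience, expiry. Returns claims
    or None. A valid signature proves only that the issuer signed these claims,
    not that the issuer bound them to the right user."""
    header, payload, sig = token.split(".")
    mac = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(mac, _b64url_decode(sig)):
        return None
    claims = json.loads(_b64url_decode(payload))
    if claims.get("iss") != ISSUER or claims.get("aud") != audience:
        return None
    return claims if claims.get("exp", 0) > time.time() else None

def _base_claims(audience: str) -> dict:
    return {"iss": ISSUER, "aud": audience, "exp": int(time.time()) + 600}

def issue_token_vulnerable(session: dict, requested_email: str, audience: str) -> str:
    # Modelled flaw: the identity claim is copied from the client's request, so
    # any authenticated session can obtain a validly signed token for any email.
    claims = dict(_base_claims(audience), sub=session["sub"], email=requested_email)
    return sign_jwt(claims, SIGNING_KEY)

def issue_token_fixed(session: dict, requested_email: str, audience: str) -> str:
    # Hardened: identity claims come only from the authenticated session, and a
    # request for a different identity is refused before anything is signed.
    if requested_email != session["email"]:
        raise PermissionError("requested identity does not match the authenticated user")
    claims = dict(_base_claims(audience), sub=session["sub"], email=session["email"])
    return sign_jwt(claims, SIGNING_KEY)

ATTACKER_SESSION = {"sub": "000001.attacker", "email": "attacker@example.com"}  # constructed
```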
