
Critical 'Sign in with Apple' Flaw Could Have Let Attackers Hijack Anyone's Account


What if I told you that an attacker would need only your email ID to gain access to one of your accounts on your favourite app or website? Sounds shocking, right?

Indian security researcher Bhavuk Jain discovered a critical vulnerability in Apple's 'Sign in with Apple' system that could have allowed attackers to bypass authentication and take over a victim's account on any third-party application that offers the 'Sign in with Apple' option to its users.

Apple rewarded the researcher with a $100,000 bug bounty for reporting this highly critical flaw.

Last year, Apple launched the 'Sign in with Apple' feature, introducing it as a privacy-protecting login system that lets users sign up for accounts with third-party applications without disclosing their actual email ID.

Bhavuk Jain found the critical vulnerability in the way Apple validated a user on the client side before the token request was sent to Apple's auth servers.

How Does the 'Sign in with Apple' Feature Work?

When authenticating a user via 'Sign in with Apple', Apple's auth server generates a JWT (JSON Web Token) containing the confidential user information that the third-party app uses to verify the signed-in user.


However, the researcher found that although Apple asks users to log in to their Apple account before initiating the request, it was not verifying that the same user was the one requesting the JWT from its auth server in the next step.

Because of this missing verification, an attacker could forge a JWT for any Apple ID simply by supplying that ID in the request, and then use it to take control of the victim's account. Bhavuk demonstrated exactly this.
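To make the missing check concrete, here is an added example (not Apple's code, and not from the researcher's write-up) that models a token-issuing endpoint two ways: one that trusts the Apple ID named in the request, and one that only issues a token for the identity bound to the logged-in session. The signing key, session store, claim layout and addresses are all constructed; Apple's real token is RS256-signed and carries more claims.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed demo key standing in for the auth server's signing key (assumption).
SIGNING_KEY = b"demo-auth-server-signing-key"
ISSUER = "https://appleid.apple.com"

# Constructed session store: session id -> the Apple ID that actually logged in.
SESSIONS = {"sess-1": "alice@example.com"}


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def sign_jwt(claims: dict) -> str:
    """Minimal HS256 JWT encoder (Apple signs with RS256; HS256 keeps the demo self-contained)."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(SIGNING_KEY, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64url(sig)}"


def issue_token_vulnerable(session_id: str, requested_apple_id: str, audience: str) -> str:
    """Models the reported flaw: the session proves that *someone* logged in, but the
    Apple ID placed in the token is taken from the request, not from the session."""
    if session_id not in SESSIONS:
        raise PermissionError("not logged in")
    return sign_jwt({"iss": ISSUER, "aud": audience, "email": requested_apple_id,
                     "exp": int(time.time()) + 600})


def issue_token_fixed(session_id: str, requested_apple_id: str, audience: str) -> str:
    """The missing check: the identity in the token must be the one bound to the session."""
    if session_id not in SESSIONS:
        raise PermissionError("not logged in")
    if requested_apple_id != SESSIONS[session_id]:
        raise PermissionError("requested Apple ID is not the logged-in user")
    return sign_jwt({"iss": ISSUER, "aud": audience, "email": SESSIONS[session_id],
                     "exp": int(time.time()) + 600})


def token_email(token: str) -> str:
    """Decode the payload (no signature check; used only to inspect what was issued)."""
    body = token.split(".")[1]
    return json.loads(base64.urlsafe_b64decode(body + "=" * (-len(body) % 4)))["email"]
```

The point of the fixed version is that the relying party cannot detect this from its side, because the token it receives is genuinely signed by the issuer; the binding between "who logged in" and "whose token is issued" has to be enforced at the auth server.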

Bhavuk said that the flaw worked even if the user chose to hide their email ID from the third-party application, and that it could also be exploited to sign up a new account with the victim's Apple ID.

The impact of this flaw was critical: many developers (including Airbnb, Spotify, Dropbox, etc.) have integrated the 'Sign in with Apple' feature, since it is essential for apps that support other social logins.

Apple patched the flaw immediately. Apple also investigated and confirmed that the flaw had not been exploited to breach any user accounts.

If you have any questions about this highly critical 'Sign in with Apple' flaw, or want to share your views on it, please mention them in the comments box and I will get back to you.
