A cyber-security researcher from India was rewarded $100,000 for finding and reporting a bug in the popular “Sign in with Apple” option used by third-party apps and services.
Sign in with Apple is an easy way for people to log in to other third-party services or apps using their Apple ID. It works the same way as using a Google or Facebook account to log in to other platforms.
Bhavuk Jain is a full-stack developer. He now works full-time as a bug bounty hunter, reporting issues he finds in websites and apps to their developers.
This 27-year-old from India managed to find a zero-day vulnerability that could allow hackers to get into the Apple account of a user who had logged in to third-party apps like Dropbox, Airbnb, Spotify, etc.
Bhavuk Jain, the cybersecurity researcher who found the bug, said: “This bug could have resulted in a full account takeover of user accounts on that third party application irrespective of a victim having a valid Apple ID or not.”
Following this, Apple patched the issue and rewarded Jain with $100,000, which is around Rs. 75,00,000 in India.
According to him, there are two possible ways to authenticate a user: either with a JWT (JSON Web Token) or with a code generated by the Apple server, which is then used to obtain a JWT. Users are given the option of whether or not to share their Apple email ID with the third-party service; if the user opts not to share it, Apple generates its own relay email ID instead. The flaw was that an attacker could forge a JWT with any email ID linked to it and thereby gain access to the victim’s account.
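The check that a third-party service must run on an identity token before trusting the email inside it, as an added example that is not from the article, from Jain or from Apple: verify the signature first, then issuer, audience and expiry, and only then read the claims. Apple signs real identity tokens with RS256 against keys published in its JWKS; to run offline this uses HS256 with a constructed shared secret, and the client id, `sub` and relay address below are constructed sample values.

```python
import base64, hashlib, hmac, json, time

# Assumption: a constructed HS256 shared secret stands in for Apple's public key.
# Real identity tokens are RS256-signed and verified against Apple's published JWKS.
SIGNING_KEY = b"constructed-demo-key"
APPLE_ISSUER = "https://appleid.apple.com"
CLIENT_ID = "com.example.thirdpartyapp"  # the relying party's own client id (constructed)

def _b64url_decode(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def _b64url_encode(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def mint_token(claims, key=SIGNING_KEY):
    """Stand-in for Apple's server: sign a compact JWT over the given claims."""
    header = _b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url_encode(sig)}"

def verify_identity_token(token, now=None):
    """Relying-party check: signature, then iss/aud/exp; only then are claims usable."""
    header_b64, payload_b64, sig_b64 = token.split(".")  # ValueError if malformed
    if json.loads(_b64url_decode(header_b64)).get("alg") != "HS256":
        raise ValueError("unexpected alg")  # never let the token pick 'none'
    expected = hmac.new(SIGNING_KEY, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(payload_b64))
    if claims.get("iss") != APPLE_ISSUER:
        raise ValueError("wrong issuer")
    if claims.get("aud") != CLIENT_ID:
        raise ValueError("token issued for another app")
    if claims.get("exp", 0) <= (time.time() if now is None else now):
        raise ValueError("expired")
    return claims  # key the local account on claims["sub"], not on the email

def rejection_reason(token, now=None):
    try:
        verify_identity_token(token, now)
        return None
    except ValueError as err:
        return str(err)

# Constructed sample: a user who chose Apple's private relay address.
SAMPLE_CLAIMS = {"iss": APPLE_ISSUER, "aud": CLIENT_ID, "sub": "001234.constructed",
                 "email": "abc123@privaterelay.appleid.com", "email_verified": "true",
                 "is_private_email": "true", "iat": 1000, "exp": 2000}
```

A token whose payload has been re-encoded with a different email while keeping the original signature fails at the signature step, before its email is ever read.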
Apple also confirmed that there was no data breach or misuse of the bug before it was fixed.