HackerNews reported that Bhavuk Jain, a bug bounty hunter, has received $100,000 from Apple for uncovering a severe authentication bypass vulnerability that could result in a takeover of third-party user accounts. The bug was discovered in the “Sign in with Apple” feature that allows new users to sign in to services with their Apple ID. This function was created to improve privacy and create sign-in procedures for third party websites.
Jain found a way to bypass the authentication mechanism and was able to take over third-party user accounts by knowing a target’s email ID. Therefore, the hack requires very little information about a target. Jain has previously discovered bugs in Bumble, Zomato, Udemy, and Verizon Media. The security flaw, according to Jain, existed due to how Apple handled client-side user validation requests.
Read More: Researcher lands $100,000 reward for ‘Sign in with Apple’ authentication bypass bug