Apple's useful Sign in with Apple option that was disclosed in June 2019 received a fair bit of positive attention, and for good reason: it replaces social logins with a secure authentication system. On top of that, a user can sign up with third-party apps and services without needing to share their Apple ID email address.
However, a security researcher in New Delhi, India just uncovered a serious flaw in the Sign in with Apple system that would allow an attacker to potentially take over an account merely by using an email ID.
Apple has rewarded the person quite substantially.
Apple security bounty
It's clear to see just how important this surprising discovery is to Apple, as the company has paid the hacker $100,000 from its Apple security bounty pot.
The good thing is, Apple has already cleared up the snafu on its server-side, and only after this was done did Bhavuk Jain, the man who disclosed the bug to Apple, publish his disclosure of the shocking security vulnerability online on May 30.
The vulnerability itself only related to the third-party apps that used Sign in with Apple without any additional security measures. It's worrying for two reasons.
Firstly, it could have potentially allowed a full takeover of the user accounts of those third-party apps regardless of whether or not the user had a valid Apple ID. Secondly, and perhaps more shockingly, was that Apple did not catch this flaw during its development stages.
Essentially, what Jain found out he could do was request authentication tokens for any email ID from Apple, which would then be verified using Apple's public key. Thus, an attacker could gain access to a victim's account. Hiding your email ID from the third-party app wouldn't have stopped this from happening.
All in all, though, Jain explained that an internal investigation was carried out by Apple, which determined that there had been no account compromises or misuse before the flaw was fixed.
Some hackers like Jain really do help bring out the best of certain situations, just like this one did when they revived low-res video playbacks to audio cassette tapes.