Add Your Heading Text Here

Add Your Heading Text Here

Apple Pays Indian Developer Rs 75 Lakhs For Finding A Bug In Its Latest Feature

| Published on June 2, 2020

Leading tech companies have always worked hard on their security programs. Every now and then, these tech giants hire people to purposely find bugs so that they can fix it before a malicious hacker gets the air of it.

Recently, an Indian security researcher, Bhavuk Jain, has received $100,000 (Rs 75.5 lakhs) from Apple for discovering a highly critical vulnerability affecting its ‘Sign in with Apple’ system.

The Zero-Day vulnerability could have allowed a hacker to break into an Apple user’s account who logs into third-party apps like Dropbox, Spotify, Airbnb, and Giphy (now acquired by Facebook) and more.

Apple Pays Hacker $100,000 For 'Sign In With Apple' Security Shocker

Though the vulnerability existed on the Apple side of code, the researcher said it’s possible that some services and app offering ‘Sign in with Apple’ to their users might have already been using a second factor of authentication that could mitigate the issue for their users.

The tech company’s ‘Sign in with Apple’ feature was launched in 2019. It was introduced as a privacy-preserving login mechanism that allows users to sign up an account with 3rd-party apps without disclosing their actual email addresses, which is also used as Apple ID by many.

iPhone Hack: Google Warns 1 Billion Apple Users They May Have Been ...

Bhavuk disclosed the flaw to Apple last month which led to an award from Apple’s bug bounty program. Apple has since patched the bug.

Bhavuk holds a bachelor’s degree in electronics and communication discovered Zero-Day bug in ”Sign in with Apple” that affected third-party applications that were using it and didn’t implement their own additional security measures.

In a statement given by Bhavuk, he said, “This bug could have resulted in a full account takeover of user accounts on that third party application irrespective of a victim having a valid Apple ID or not.”

Bhavuk is a full-stack developer interested mostly in mobile app development using React Native. He is currently a full-time bug bounty hunter. He has dedicated his career to making the internet a safer place for all of us.

Interested in getting all the latest news from the world of Marketing, Advertising and Startups? Subscribe to our Scoop by Marketing Mind newsletter so that you don’t miss any updates.

Related Posts