Indian finds bug in Apple, gets Rs 75 lakh


(File photo)

BENGALURU: Apple has awarded Indian bug bounty hunter Bhavuk Jain Rs 75 lakh ($100,000). It gave the award under its bug bounty programme, after Jain found a bug in the ‘sign in with Apple’ account authentication that would have allowed an attacker to take control of users’ accounts on third-party applications.
The 27-year-old developer spotted the bug in April and, soon after, Apple fixed the vulnerability.
“The impact of this vulnerability was quite critical as it could have allowed full account takeover. A lot of developers have integrated ‘sign in with Apple’ since it is mandatory for applications that support other social logins. To name a few that use it — Dropbox, Spotify, Airbnb, Giphy (now acquired by Facebook). These applications were not tested but could have been vulnerable if there weren’t any other security measures in place while verifying a user,” Jain wrote in a blog.
Bug bounty hunting is becoming big business. In 2019, hackers like Jain earned nearly $40 million in bounties. Hackers in India earned the second most from such hunting, behind the US.

Source link


Please enter your comment!
Please enter your name here

Enable Google Transliteration.(To type in English, press Ctrl+g)