Skip to main content

Market Overview

Apple Pays Hacker From India $100,000 For Discovering Serious 'Sign In With Apple' Vulnerability

Apple Pays Hacker From India $100,000 For Discovering Serious 'Sign In With Apple' Vulnerability

Apple Inc (NASDAQ: AAPL) has awarded $100,000 to an Indian hacker who found a serious vulnerability in the “Sign In With Apple” service.

What Happened

“Sign In With Apple” was introduced in June last year as part of iOS13. The Cupertino-based tech giant touted it as a “privacy-protecting” feature, allowing for a “fast, easy and private” sign-in to apps and websites. The service was to be an alternative to signing up for online services instead of using a social account or filling out forms. 

In April, a security researcher based in Delhi found a critical flaw in the service that would allow to take over an account with just an email ID. Apple paid the researcher a reward of $100,000, as a part of its bug bounty program, for discovering the exploit, Forbes reported.

Why It Matters

According to Bhavuk Jain, the researcher who found the critical vulnerability, it could have allowed for a “full account takeover.” 

He wrote in his blog, “A lot of developers have integrated Sign in with Apple since it is mandatory for applications that support other social logins.”

Jain says the sign-in service was supported by Dropbox Inc. (NASDAQ: DBX), Spotify Technology SA (NYSE: SPOT), Airbnb, and Giphy, owned by Facebook Inc (NASDAQ: FB).

These applications were not tested but remained vulnerable to a “full account take over if there weren’t any other security measures in place while verifying a user.”

The researcher concluded, “Apple also did an investigation of their logs and determined there was no misuse or account compromise due to this vulnerability.” 

Apple Price Action

Apple shares traded 0.33% higher at $319 in the after-hours session on Friday. The shares closed the regular session mostly unchanged at $317.94.


Related Articles (AAPL)

View Comments and Join the Discussion!

Posted-In: Apple Forbes India security Tim CookNews Tech Media Best of Benzinga

Don't Miss Any Updates!
News Directly in Your Inbox
Subscribe to:
Benzinga Premarket Activity
Get pre-market outlook, mid-day update and after-market roundup emails in your inbox.
Market in 5 Minutes
Everything you need to know about the market - quick & easy.
Fintech Focus
A daily collection of all things fintech, interesting developments and market updates.
Everything you need to know about the latest SPAC news.
Thank You

Thank you for subscribing! If you have any questions feel free to call us at 1-877-440-ZING or email us at