A white-hat hacker has been given a $10,000 reward by Reddit for spotting a single-click hijack vulnerability on Apple’s sign-in function for the popular platform.
The benign hacker, named on Reddit as Fransrosen, privately alerted the platform to the vulnerability on June 7.
“I've been researching new ways to steal OAuth codes and access-tokens using postMessage, and I found a way for me to steal the code and/or access-token from Apple-sign-in on reddit.com, allowing a full hijack of the account,” they said.
Fransrosen then walked the Reddit team through a video demonstration in which the white-hat hacker simulated an attack exploiting the vulnerability.
“The attacker will open his own session with Apple, copy the state to the attacker page, and send the link to the victim,” said Fransrosen. “When the code shows up on the attacker's page, the attacker takes over and uses its incognito browser window to sign in as the victim from his Apple-ID.”
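The report describes two weak points in a popup-based sign-in flow: the returned code being relayed to whichever page opened the popup, and a state value that is not tied to the victim's own session. The following is an added example (not Reddit's or Apple's code) modelling both ends of such a flow in plain JavaScript; the origin value and all function and field names are assumptions for illustration.

```javascript
// Added example (not Reddit's or Apple's code). Models the two ends of an
// OAuth popup flow: the redirect page that relays the returned code to the
// window that opened it, and the main page that consumes it. All names and
// the origin value are assumptions for illustration.

const SITE_ORIGIN = "https://app.example"; // constructed placeholder origin

// Redirect page, weak form: broadcasts to whoever opened the popup.
// If a foreign page opened it, that page receives the user's code.
function relayCodeWeak(opener, code, state) {
  opener.postMessage({ code, state }, "*");
}

// Redirect page, hardened form: the browser drops the message unless the
// opener's origin is exactly SITE_ORIGIN, so a foreign opener gets nothing.
function relayCodeHardened(opener, code, state) {
  opener.postMessage({ code, state }, SITE_ORIGIN);
}

// Main page: accept a relayed code only from our own origin and only when
// the state is the one this session issued (single use). A state copied
// from another session, or replayed, is rejected.
function acceptRelayedCode(event, session) {
  if (event.origin !== SITE_ORIGIN) return null;
  const msg = event.data;
  if (!msg || typeof msg.code !== "string" || typeof msg.state !== "string") return null;
  if (!session.oauthState || msg.state !== session.oauthState) return null;
  session.oauthState = null; // consume it so it cannot be reused
  return msg.code;
}

// Minimal stand-in for window.opener so the relay can be exercised outside a browser.
function makeRecorder() {
  const sent = [];
  return { sent, postMessage(data, targetOrigin) { sent.push({ data, targetOrigin }); } };
}
```

In a real browser the hardened relay never reaches a window of a different origin, and the consumer rejects any message whose origin or state does not match the session that started the flow.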
Reddit's team acted on Fransrosen's report and awarded the helpful researcher a cool $10,000 for their efforts.
“We are close to shipping a fix for this, in the meantime I'm awarding you the bounty,” said Reddit. “I'll keep you posted when we are ready for retesting.”
For security reasons, the chat between Fransrosen and the Reddit maintenance team was kept private until the bug was fixed a few days ago.
“We should be good to go now,” came the final notice on August 2. “Let me know if there's anything you want redacted here, will try to aim for full disclosure.”
Fransrosen and Reddit agreed on the latter, and the full report was made available and shared with HackerOne.
Nice work if you can get it.
More from Cybernews: