API security breach impacted Grammarly, Vidio and Bukalapak


Salt Security has published research disclosing critical API security vulnerabilities in the OAuth implementations of popular online platforms including Grammarly, Vidio, and Bukalapak.

These vulnerabilities, which have now been patched, could potentially compromise user credentials and allow accounts to be completely hijacked, putting billions of users at risk.

The research paper, released today, marks the latest chapter in Salt Labs’ OAuth hijack series, building on previous discoveries of vulnerabilities in platforms such as Reservation.com and Exposure. The weaknesses identified lie in how the affected services verify access tokens received through the OAuth flow.

These breaches presented serious risks, including providing cybercriminals with unrestricted access to user accounts, potentially leading to unauthorized access to sensitive financial and personal information. They also exposed users to potential risks of identity theft and financial fraud.

OAuth, a widely adopted user authorization and authentication technology, simplifies the login process by allowing users to sign in to websites using their social media accounts. Security flaws in these implementations allowed attackers to substitute an access token that was issued for a different site and have the target site accept it as a verified token, a technique called a Pass-The-Token attack.
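The following simulation illustrates the verification gap the article describes from the defender's side. It is an added example written for this page, not code from Salt Labs or from any of the platforms named above: a toy identity provider, toy client ids (`site-app-id`, `third-party-game-app-id`) and a toy user table are all constructed here. The vulnerable login path asks the provider only "which user does this token belong to?", so a token issued to some other app for the same user is accepted; the hardened path additionally checks that the token was issued to this site (the audience / `client_id` field returned by introspection).

```python
"""
Pass-The-Token, simulated: a relying party that checks only a token's
subject accepts tokens issued to any app; binding the token to the
expected audience (client_id) closes the gap.

All names, ids and records below are constructed for illustration.
"""
import secrets
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


@dataclass(frozen=True)
class Introspection:
    active: bool
    subject: Optional[str]    # provider-side user id, or None if invalid
    client_id: Optional[str]  # app the token was issued to (the audience)


class ToyIdentityProvider:
    """Issues opaque bearer tokens and answers introspection queries."""

    def __init__(self) -> None:
        self._tokens: Dict[str, Tuple[str, str]] = {}

    def issue(self, subject: str, client_id: str) -> str:
        # Each token is bound to the app (client_id) that requested it.
        token = secrets.token_urlsafe(24)
        self._tokens[token] = (subject, client_id)
        return token

    def introspect(self, token: str) -> Introspection:
        rec = self._tokens.get(token)
        if rec is None:
            return Introspection(False, None, None)
        return Introspection(True, rec[0], rec[1])


class RelyingParty:
    """A site offering social login through the toy provider."""

    def __init__(self, idp: ToyIdentityProvider, client_id: str,
                 users: Dict[str, str]) -> None:
        self.idp = idp
        self.client_id = client_id      # this site's own app id
        self.users = users              # provider subject -> local account

    def login_vulnerable(self, token: str) -> Optional[str]:
        # Defect: trusts any active token, regardless of which app it
        # was issued to. A token obtained from another site for the same
        # provider user logs that user in here.
        info = self.idp.introspect(token)
        if not info.active:
            return None
        return self.users.get(info.subject)

    def login_hardened(self, token: str) -> Optional[str]:
        # Fix: require that the token's audience is this site's own
        # client_id before mapping the subject to a local account.
        info = self.idp.introspect(token)
        if not info.active:
            return None
        if info.client_id != self.client_id:
            return None   # token was issued to a different app: reject
        return self.users.get(info.subject)


def demo() -> Dict[str, Optional[str]]:
    """Run both login paths against an own-app token and a foreign-app token."""
    idp = ToyIdentityProvider()
    site = RelyingParty(idp, "site-app-id", {"user-42": "alice"})
    own_token = idp.issue("user-42", "site-app-id")
    foreign_token = idp.issue("user-42", "third-party-game-app-id")
    return {
        "vulnerable_own": site.login_vulnerable(own_token),
        "vulnerable_foreign": site.login_vulnerable(foreign_token),
        "hardened_own": site.login_hardened(own_token),
        "hardened_foreign": site.login_hardened(foreign_token),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

The audience check is the whole fix: `login_vulnerable` logs `alice` in with the token issued to the unrelated app, while `login_hardened` rejects it and still accepts the site's own token. Real providers expose the same information through their token introspection or debug endpoints; the field name varies by provider, and it must be compared against the site's own registered app id on every social-login request.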

“What stands out most from our research is the fact that OAuth, which is the main technology behind social login, is actually well designed and contains no obvious points of failure. However, most of the issues we encountered were related to how OAuth is implemented by the different parties using it,” explained Yaniv Balmas, VP of Research at Salt Security.


The affected platforms mentioned in the last Salt Safety Report (Vidio, Bukalapak and Grammarly) have since taken steps to address these security flaws after being alerted by Salt Labs researchers.

“Each of us connects to dozens of web services every day,” Balmas added. “The issues we discovered affected more than a billion users who might have found that their accounts had been compromised if this issue had been discovered by other ‘less friendly’ parties.”

Image credit: T. Schneider / Shutterstock.com
