Hundreds of millions of users accounts that use cross-platform authentication were at risk of having their accounts taken over by threat actors.
Security researchers had discovered critical misconfiguration flaws in the implementation of the Open Authorization (OAuth) standard by three popular websites. Those sites are Grammarly, which is an AI powered writing tool, Vidio, which is an online streaming platform, and Bukalapak, which is an Indonesian e-commerce site. The flaw would have allowed attackers to take over user accounts and could lead to identity theft, financial fraud, access to credit cards and other cybercriminal activity. OAuth is a widely popular standard for cross-platform authentication, allowing users to log into websites using their social media or Google accounts. The flaw isn’t with the OAuth, but with how the web services have implemented the standard. There was a lack of token verification on the three websites which allowed account takeover. The security researchers had disclosed the vulnerabilities to those three websites and waited till the flaw was mitigated before publishing their research. However they believe that there would be many other websites exposed to the same flaw.
https://salt.security/blog/oh-auth-abusing-oauth-to-take-over-millions-of-accounts
https://www.darkreading.com/remote-workforce/oauth-log-in-full-account-takeover-millions
This segment was created for the It’s 5:05 podcast