OAuth Vulnerability Exposed Airline Users to Account Takeovers


A recent vulnerability discovered in the authentication process of a major provider of online travel services has exposed millions of airline customers to potential account takeovers, shedding light on the risks associated with misconfigured OAuth authentication processes.

The vulnerability, which has since been remedied by the travel services company, allowed attackers to redirect a user’s OAuth credentials to a server of their choice. This flaw could have enabled attackers to obtain a valid session token from an airline’s website and use it to log into the travel company’s systems as the victim, booking hotels and car rentals using the victim’s airline loyalty points. This vulnerability was identified by researchers at Salt Security, who were investigating real-world examples of API supply chain attacks.

Salt Security researcher Amit Elbirt highlighted the severity of the risk posed by this vulnerability, emphasizing the need for stringent security protocols to prevent unauthorized account access and manipulation. The exploit could have granted attackers full access to a victim’s stored information on the airline company’s site, including personally identifying information, mileage, and rewards data.

OAuth (Open Authorization) is a security protocol that allows users to grant websites or applications access to their information on other sites without sharing their passwords. In this case, OAuth enabled users to log in to the travel services company’s website using their airline credentials.

The vulnerability stemmed from the travel company’s authentication flow not verifying that sensitive authentication credentials were being sent to a valid domain. This oversight allowed attackers to manipulate the flow and redirect the credentials to their own server, potentially leading to unauthorized account access.
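The missing check described above is the redirect-target validation an OAuth authorization server performs before sending a code or token anywhere. The following is an added illustration, not code from Salt Security or the travel company: it contrasts a loose domain check with exact matching against pre-registered redirect URIs. The host names, the registered URI and the probe inputs are constructed sample values.

```python
from typing import Optional
from urllib.parse import urlsplit

# Pre-registered redirect URI(s) for one OAuth client. Constructed sample
# values for this example, not any real airline or travel site.
REGISTERED_REDIRECT_URIS = {"https://travel.example/oauth/callback"}


def weak_redirect_check(redirect_uri: str) -> bool:
    """A check of the kind that leaks credentials: it only asks whether the
    trusted domain appears *somewhere* in the supplied URI."""
    return "travel.example" in redirect_uri


def strict_redirect_check(redirect_uri: str) -> bool:
    """Exact-match validation as recommended by the OAuth 2.0 security BCP:
    the supplied redirect_uri must be byte-for-byte one of the registered
    URIs, after rejecting inputs that should never be accepted at all."""
    try:
        parts = urlsplit(redirect_uri)
        host = parts.hostname
    except ValueError:
        return False
    # Credentials must only travel over TLS to a real host.
    if parts.scheme != "https" or not host:
        return False
    # RFC 6749 forbids fragments in redirect URIs; userinfo ("user@host")
    # is a classic way to make a hostile host look like a trusted one.
    if parts.fragment or parts.username or parts.password:
        return False
    # No prefix, suffix, wildcard or substring matching: exact match only.
    return redirect_uri in REGISTERED_REDIRECT_URIS


def authorization_response(redirect_uri: str, code: str) -> Optional[str]:
    """Where the authorization server would send the code. Returns None
    (i.e. show an error page and do not redirect) when validation fails."""
    if not strict_redirect_check(redirect_uri):
        return None
    return f"{redirect_uri}?code={code}"


if __name__ == "__main__":
    # Constructed probe inputs; the .test TLD is reserved for examples.
    probes = [
        "https://travel.example/oauth/callback",
        "https://travel.example.attacker.test/oauth/callback",
        "https://travel.example@attacker.test/oauth/callback",
        "https://attacker.test/?next=travel.example",
        "http://travel.example/oauth/callback",
    ]
    for uri in probes:
        print(f"{uri:55} weak={weak_redirect_check(uri)!s:5} strict={strict_redirect_check(uri)}")
```

Every probe except the first passes the weak check, which is exactly the gap that lets an authorization code or token be delivered to a host the client never registered.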

According to Yaniv Balmas, Vice President of Research at Salt Security, similar vulnerabilities in OAuth implementation processes have been identified in other major platforms, such as Booking.com, Grammarly, Vidio, and Bukalapak. These issues highlight the common challenges organizations face in ensuring the security of third-party integrations and the potential risks of account takeovers.

Balmas emphasized that the responsibility for ensuring the security and safety of customers falls on the third-party service provider, as the airline often has limited visibility for detecting and preventing such attacks. Without stringent security standards and protocols in place, users remain vulnerable to account takeovers and unauthorized access.

In light of this incident, organizations must prioritize the implementation of robust security measures to safeguard user data and prevent exploitation of vulnerabilities in authentication processes. By addressing vulnerabilities in OAuth implementations and ensuring thorough verification protocols, companies can mitigate the risks associated with potential account takeovers and protect customer information from unauthorized access.
