Discussion
The Vercel Breach: OAuth Supply Chain Attack Exposes the Hidden Risk in Platform Environment Variables
vaguemit: I recently went to BreachForums and the space was filled with this
datadrivenangel: "Effective defense requires architectural change: treating OAuth apps as third‑party vendors, eliminating long‑lived platform secrets, and designing for the assumption of provider‑side compromise."Designing for provider-side compromise is very hard because that's the whole point of trust...
pphysch: Security-by-obfuscation is ridiculed but I'm a firm believer that preventing yourself from getting owned when someone is able to type 3 letters `env` is a worthy layer of defense. Even if those same secrets are unencrypted somewhere else on the same system, at least make them spend a bunch of time crawling through files and such.
Quarrelsome: It's ridiculed because its no protection on its own when an attacker is motivated. Its fine to add as an additional layer though if you want to make your space mildly custom to protect against broader attacks.I don't see how its necessarily relevant to this attack though. These guys were storing creds in clear and assuming actors within their network were "safe", weren't they?
throwaway27448: Do any services use vercel?
drusepth: It's a really common platform for vibe coded sites, as I understand it.
saadn92: What bites people: rotating a vercel env variable doesn't invalidate old deployments, because previous deploys keep running with the old credential until you redeploy or delete them. So if you rotated your keys after the bulletin but didn't redeploy everything, then the compromised value is still live.Also worth checking your Google Workspace OAuth authorizations. Admin Console > Security > API Controls > Third-party app access. Guarantee there are apps in there you authorized for a demo two years ago that are still sitting with full email/drive access.
antonvs: Small startups often use it but typically outgrow it quickly unless they remain small and simple.
tom1337: I still don't get how this exactly worked. Is the OAuth Token they talk about the one that you get when a user uses "Sign in with Google"? Aren't they then bound to the client id and client secret of that specific Google App the user signed in to? How were the attackers able to go from that to a control plane? Because even if the attacker knows the users OAuth token, the client id and the client secret, they can access the Google Drive etc. (which is bad, I get that) but I simply do not understand how they could log in into any Vercel systems from that point. Did they find the credentials in the google drive?
_pdp_: Once you have a session token, which is what you get after you complete the oauth dance, you can issue requests to the API. It is simple as that. The minted token had permission to access the victim's inbox, most likely, which the attacker leveraged to read email and obtain one-time passwords, magic links and other forms of juicy information.
_pdp_: > OAuth trust relationship cascaded into a platform-wide exposure> The CEO publicly attributed the attacker's unusual velocity to AI> questions about detection-to-disclosure latency in platform breachesTypical! The main failures in my mind are:1. A user account with far too much privileges - possible many others like them2. No or limited 2FA or any form of ZeroTrust architecture3. Bad cyber security hygiene
JauntyHatAngle: Blaming AI is gonna be the security breach equivalent to blaming ddos when your website breaks isn't it.
krooj: Interesting - I wonder if this isn't a case of theft on a refresh token that was minted by a non-confidential 3LO flow w/PKCE. That would explain how a leaked refresh token could then be used to obtain access, but does the Vercel A/S not implement any refresh token reuse detection? i.e.: you see the same R/T more than once, you nuke the entire session b/c it's assumed the R/T was compromised.
greenmilk: To me the biggest (but not only) issue is that blindly connecting sensitive tools to 3rd party services has been normalized. Every time I hear the word "claw" I cringe...
anematode: That part of his tweet made me laugh out loud. I don't understand who it's directed toward.
BoorishBears: The market. Rauch is 'strategic' like that, he'd even use a moment like this sneak in a sound bite to froth the market he has so much skin in"Vercel CEO says AI accelerated attack on critical infrastructure"
hungryhobbit: Why is this same story repeated over and over here?I get it, it's a big story ... but that doesn't mean it needs N different articles describing the same thing (where N > 1).
thisisauserid: Maybe this flood is a response to the constant flood of:"Why do people use Vercel?""Because it's cheap* and easy."*expensive
