Home News Hacker Discovers Apple Cameras Can Be ‘Hijacked,’ Earns $75K Bug Bounty

Hacker Discovers Apple Cameras Can Be ‘Hijacked,’ Earns $75K Bug Bounty

A security researcher is being rewarded handsomely after he discovered a massive iOS and MacOS camera flaw that would allow bad actors to hijack the camera and microphone in any iPhone or Mac computer, and use it to spy on you.

The vulnerability, actually a series of three vulnerabilities used together, were discovered by security researcher and ‘white hat hacker’ Ryan Pickren in mid-December, and were quickly validated and patched by Apple over the past three months.

According to WIRED, all three bugs had to do with the Safari browser, which could be tricked into allowing an attacker to access your camera and microphone remotely, simply by convincing you, the user, to click one malicious link. This malicious link or website could then “pretend” to be an app that had already been granted microphone and camera permissions—such as Skype—allowing the attacker full access to your camera, microphone, and even screen sharing.

This methodology side-stepped all of Apple’s built-in security measures for your camera, your microphone, and even Safari itself by simply pretending to be another site or app that already has permission—a task Pickren described as simply “wiggling around” until he found a variation on a link that “confused” Safari.

Fortunately, Pickren disclosed the bugs to Apple, who was able to patch all of the vulnerabilities in January and March before paying Pickren a cool $75,000 “bug bounty” for his trouble. That’s why we’re just hearing about these bugs now, when just about everyone should be protected; but if you haven’t updated your iPhone or Mac in the past few months, we suggest you do that right now.

(via Engadget)


Image credits: Photo by @twelve_mp, CC0

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Must Read

Tokina Unveils 17-35mm f/4 for Nikon F and Canon EF

While some might not find this announcement as exciting as a new mirrorless lens, Tokina has unveiled the atx-i 17-35mm f/4 full-frame lens for...

This Guy Watercooled His Canon R5 and Unlocked Unlimited 8K

The Canon R5’s overheating time limit has been the subject of much discussion and controversy. Regardless of how or why the overheating happens, Matthew...

Are These The Best Cameras You Can Buy for Under $1,000?

It’s probably easier for most photography fans to point to the best cameras on the market, not the ones that offer the most value...

Panasonic’s Firmware Updates For All S-Line Cameras Improves Autofocus Yet Again

Panasonic has published a firmware update for all four Panasonic S full-frame cameras. The S1, S1R, and S1H all see improvements to autofocus to...

Editors’ Picks: Best Photo Gear 2020

Our annual selection of the best photo gear for 2020 includes the top cameras and lenses introduced this year that we feel represent the...