Apple Pays $100,000 Bounty to Student Who Successfully Hijacks a Mac’s Camera
Apple Pays $100,000 Bounty to Student Who Successfully Hijacks a Mac's Camera
A cyber security student successfully managed to hack a Mac'southward camera, and for his efforts, he was awarded $100,000 in compensation from Apple. Want to know how he did it? Then keep reading on.
Student Says the Bounty Was the Highest Amount Apple tree Has Ever Paid and so Far
Ryan Pickren is a Ph.D. student in cyber security at the Georgia Institute of Applied science. Previously, in 2019, he found some vulnerabilities that he successfully exploited, which enabled him to switch on an iPhone camera and its microphones without requiring the user to activate privacy permissions. For his efforts, he was paid a bug compensation of $75,000 from Apple.
Since and so, he has moved on to the Mac's camera, and he explains below how he achieved the feat.
"My hack successfully gained unauthorized camera access by exploiting a series of issues with iCloud Sharing and Safari 15. While this bug does require the victim to click "open up" on a popup from my website, it results in more than just multimedia permission hijacking. This time, the issues gives the attacker total access to every website ever visited by the victim. That ways in addition to turning on your photographic camera, my bug can also hack your iCloud, PayPal, Facebook, Gmail, etc. accounts too."
Hacking the Mac's photographic camera involved finding an invulnerability in an iCloud sharing app called ShareBear. If you accept an invitation to share a document with another person, your Mac volition remember that permission has been granted and will not ask again if you re-open up the certificate at a after time. Since the file is not stored on your local storage, the owner can change it afterward yous have accessed it.
That same file's type tin also be inverse, turning it into an executable, allowing malicious individuals to proceeds admission to someone's computer. Pickren used this idea to turn a Pages document or image into malware, and since your Mac volition not as for permission again, information technology will happily open it, thereby granting access. In improver to hacking the Mac'southward photographic camera, Pickren also obtained admission to the machine's microphone.
Unfortunately, since Apple'due south green LED lights upwards whenever this happens, fifty-fifty under normal circumstances, a curious user on the other end can chop-chop figure out what is going on and have appropriate measures. Pickren submitted these bugs to Apple in mid-July last year, and since then, the company has patched this invulnerability. For these findings, the technology behemothic rewarded him $100,500 in bounty, which Pickren claims is the highest sum ever paid by the visitor through its security program.
News Source: Ryan Pickren
Stay in the loop
Get A DAILY DIGEST OF LATEST Engineering NEWS
Directly to your inbox
Subscribe to our newsletter
Source: https://wccftech.com/apple-pays-100k-bounty-for-hacking-mac-camera/
Posted by: rosshiche1977.blogspot.com
0 Response to "Apple Pays $100,000 Bounty to Student Who Successfully Hijacks a Mac’s Camera"
Post a Comment