Apple pays $75,000 for flaw that allowed iPhone camera to be taken over
Apple has paid $75,000 to a security researcher who discovered several vulnerabilities in Safari. Using them, he was able to take over the camera and microphone of an iPhone, provided that the victim had previously granted certain permissions.
The hacker, Ryan Pickren, describes on his blog how he found a total of seven bugs in Safari. The vulnerabilities were in the way Safari parses URLs and manages web origins. By exploiting them, he could trick the browser into thinking it was on a particular site when it was actually on a different domain. In his blog post, Pickren demonstrates how he can take over a user's camera and microphone this way, both on the iPhone and on a desktop running macOS. He does this by making the browser think that the user is on Skype, for example, when in reality it is a different domain. He assumes that the victim has previously given camera and microphone permissions to that specific site. Safari makes it possible to set permissions per website.
Pickren shared his findings with Apple. Because he had found a zero-click method of accessing sensitive data, he received $75,000 (69,300 euros when converted) from the company. In addition to the three bugs used to gain camera access, he also found some other bugs. These have been fixed by Apple in iOS 13.4 and Safari 13.1.