Apple Paid $75,000 to Hacker to Uncover Zero-Day Camera Exploits in Safari
Apple paid $75,000 to a hacker to identify multiple zero-day vulnerabilities in Safari. Some of these vulnerabilities could be used to hijack the camera on an iPhone or a MacBook. If you're unfamiliar, a zero-day vulnerability refers to a hole in the software that is not known to the developer or the public.
Security Researcher Identifies Seven Vulnerabilities in Safari, Constructed a Kill Chain to Hack the iPhone's Camera
While the software developer and public are not aware, the vulnerability could be known by the potential attackers who are silently exploiting it. Ryan Pickren discovered the vulnerabilities in Safari once he began to "hammer the browser with obscure corner cases". In total, the security researcher found seven vulnerabilities that involved how Safari analyzed the Uniform Resource Identifiers, initialized secure contexts and managed web origins. Furthermore, three of the vulnerabilities allowed the researcher to get access to the camera by fooling the user to head to a malicious website.
To cut a very long and technical story short: Pickren found a total of seven zero-day vulnerabilities in Safari (CVE-2020-3852, CVE-2020-3864, CVE-2020-3865, CVE-2020-3885, CVE-2020-3887, CVE-2020-9784, & CVE-2020-9787) of which three could be used in the camera hacking kill chain. The vulnerabilities involved the way that Safari parsed Uniform Resource Identifiers, managed web origins and initialized secure contexts. Yes, this involved tricking a user into visiting a malicious website. Still, that website could then directly access the camera provided it had previously trusted a video conferencing site such as Zoom, for example.
Pickren reported about the vulnerabilities through Apple's Bug Bounty Program in December of 2019. Apple validated all the bugs and released a fix for the three-bug camera kill chain in Safari 13.0.5 update in January. As mentioned earlier, Apple paid the security researcher $75,000 for discovering the vulnerabilities.
Pickren states that the most important takeaway from the vulnerability is that “users should never feel totally confident that their camera is secure" regardless of which operating system or device that they are using.
What are your views on the story? Let us know in the comments.
News Source: Forbes