Apple Pays $75,000 To Hacker Who Hijacked iPhone Camera

As reported by Forbes, ethical hacker Ryan Pickren found seven zero-day vulnerabilities and used just three of them to construct a kill chain that successfully hijacks the iPhone camera, or any iOS or macOS camera for that matter.

In December 2019, Pickren opted to delve into Apple Safari for iOS and macOS to “hammer the browser with obscure corner cases” until weird behavior was uncovered. He focused on the camera security model and found a total of seven zero-day vulnerabilities in Safari (CVE-2020-3852, CVE-2020-3864, CVE-2020-3865, CVE-2020-3885, CVE-2020-3887, CVE-2020-9784, and CVE-2020-9787), three of which could be used in the camera-hacking kill chain.

Experts Comments

April 06, 2020
Jake Moore
Cybersecurity Specialist
ESET
Hijacking the iPhone camera is possibly one of the most socially worrying attacks we could see. If laptop cameras are compromised then we have been able to use webcam covers, but rarely do people use a cover over our phone cameras as we use them so much. Phishing emails are still at the root of the problem so people need to remain extra vigilant with such traffic. Losing control of the camera could likely lead to some very embarrassing situations and extortion. Luckily ethical hackers play a very important role in the combat against cybercriminals.