Apple Pays $75,000 To Hacker Who Hijacked iPhone Camera

As reported by Forbes, ethical hacker Ryan Pickren has found seven zero-day vulnerabilities that enabled him to construct a kill chain, using just three of them, to hijack the iPhone camera successfully, or any iOS or macOS camera for that matter.

During December 2019, Pickren opted to delve into Apple Safari for iOS and macOS, to “hammer the browser with obscure corner cases” until weird behavior was uncovered. Pickren focused on the camera security model, and found a total of seven zero-day vulnerabilities in Safari (CVE-2020-3852, CVE-2020-3864, CVE-2020-3865, CVE-2020-3885, CVE-2020-3887, CVE-2020-9784, & CVE-2020-9787) of which three could be used in the camera hacking kill chain.

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Jake Moore
Jake Moore , Cybersecurity Specialist
InfoSec Expert
April 6, 2020 12:43 pm

Hijacking the iPhone camera is possibly one of the most socially worrying attacks we could see. If laptop cameras are compromised then we have been able to use webcam covers, but rarely do people use a cover over our phone cameras as we use them so much.

Phishing emails are still at the root to the problem so people need to remain extra vigilant with such traffic. Losing control to the camera could likely lead to some very embarrassing situations and extortion. Luckily ethical hackers play a very important role in the combat against cybercriminals.

Last edited 2 years ago by Jake Moore
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x