Apple pays $75,000 to hacker for discovery of exploits to hijack iPhone camera

Apple awarded $75,000 to a hacker who discovered exploits that allowed him to hijack the cameras of iPhones and Macs.

Security researcher and former Amazon Web Services security engineer Ryan Pickren disclosed at least seven zero-day vulnerabilities in Safari to Apple, according to Forbes. Three of these vulnerabilities may be used to hijack the cameras of iOS and macOS devices.

The exploit required victims to visit a malicious website, which could then access their device’s camera if it had previously trusted a video conferencing service such as Zoom.

“A bug like this shows why users should never feel totally confident that their camera is secure,” Pickren told Forbes, “regardless of operating system or manufacturer.”

Pickren informed Apple about his discovery in mid-December 2019. Apple validated all seven vulnerabilities and, after a few weeks, released a fix for the iOS and macOS camera exploit. The security researcher was then paid $75,000, which Pickren said was his first payout from the company.

Security researcher Sean Wright told Forbes that the exploit that Pickren discovered, even if it required the victim to visit a malicious website, was “a very viable form of attack.” Wright added that compared with the attention on webcams in computers, there has not been much focus on the cameras and microphones of mobile phones, which he said is “a far more likely route” for attackers if they want to eavesdrop on their targets.

Bug bounties

Bug bounty programs provide incentives to security researchers to help tech companies find vulnerabilities in their software, instead of the exploits falling into the hands of malicious hackers.

Apple, which launched a bug bounty program in 2016, made changes in August 2019 that included the addition of a $1 million reward for hackers who could launch a “zero-click full chain kernel execution attack with persistence.” In December 2019, the program was finally expanded to accept submissions for macOS bugs.

Apple rival Google has also been generous with its bug bounty program, offering a reward of up to $1.5 million for a “full chain remote code execution exploit with persistence which compromises the Titan M secure element on Pixel devices.” In 2019, Google paid a total of $6.5 million in bug bounties, bringing the total to $21 million since the program was launched in 2010.

Aaron Mamiit