Apple has awarded $100,500 to a cyber security student who showed the tech giant how the webcams in its Mac computers could be hijacked, leaving the devices open to attackers. The reward came from Apple’s bug bounty program.
Apple Rewards Cyber Security Student
The student, Ryan Pickren, had discovered a Mac camera and iPhone camera vulnerability in the past. Now, he has been awarded Apple’s largest bug bounty payout, according to Apple Insider.
Pickren said that the new webcam vulnerability involved a couple of issues with iCloud and Safari. Apple has now fixed those issues, he said, but before the patch a malicious website could chain them into an attack.
In his full account of the discovery, Pickren explains that the attack would give the hacker full access to all of the victim’s web-based accounts, from PayPal to iCloud.
The vulnerability would also give hackers permission to use the camera, microphone, and screensharing features of the device, according to Wired.
If the attacker used the camera, its green indicator light would still come on as usual.
Pickren reports that the same attack could give a hacker full access to the device’s entire filesystem. It did so by abusing Safari’s web archive files, the format the browser uses to save local copies of websites.
Pickren said that a startling feature of these files is that they specify the web origin the content should be rendered in. He said this is a neat trick that lets Safari rebuild the context of the saved website.
But as the authors of Metasploit wrote back in 2013, if a hacker could modify this file, they could achieve universal cross-site scripting (UXSS) by design.
Because a user has to download a web archive file and then open it, Pickren said, Apple did not consider this a realistic attack scenario when it first implemented the web archive feature of the Safari browser.
Pickren added that this decision was made 10 years ago, when the browser security model was not nearly as mature as it is today.
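As an added example (not Pickren’s code and not anything Apple ships), here is a small Python triage check a defender could run on a downloaded .webarchive: it parses the plist, collects the origins the file asks Safari to render content under, and flags any that differ from the site the file actually came from. The plist key names are assumed from the public WebArchive format, and the hostnames are constructed.

```python
import plistlib
from urllib.parse import urlsplit

# WebArchive plist keys (assumed from the public format, not from the article):
# WebMainResource is the page itself, WebSubframeArchives nests one archive per frame.
MAIN, FRAMES, URL, DATA, MIME = ("WebMainResource", "WebSubframeArchives",
                                 "WebResourceURL", "WebResourceData", "WebResourceMIMEType")

def origin_of(url):
    """Reduce a URL to its web origin (scheme://host[:port]); None if malformed."""
    parts = urlsplit(url or "")
    if not parts.scheme or not parts.netloc:
        return None
    return f"{parts.scheme}://{parts.netloc}".lower()

def declared_origins(archive_bytes):
    """Collect every origin the archive asks Safari to render content under."""
    def walk(node, found):
        found.add(origin_of(node.get(MAIN, {}).get(URL)))
        for frame in node.get(FRAMES, []):
            walk(frame, found)
        return found
    found = walk(plistlib.loads(archive_bytes), set())
    found.discard(None)
    return found

def audit_webarchive(archive_bytes, download_origin):
    """Flag content that would run under an origin other than the site the file
    came from: that mismatch is what turns a saved page into a UXSS primitive."""
    declared = declared_origins(archive_bytes)
    foreign = sorted(o for o in declared if o != download_origin.lower())
    return {"declared": sorted(declared), "foreign": foreign, "suspicious": bool(foreign)}

def make_archive(main_url, frame_url=None):
    """Build a minimal constructed .webarchive (XML plist) for demonstration."""
    def resource(url):
        return {URL: url, MIME: "text/html", DATA: b"<html><body>sample</body></html>"}
    archive = {MAIN: resource(main_url)}
    if frame_url:
        archive[FRAMES] = [{MAIN: resource(frame_url)}]
    return plistlib.dumps(archive)

# Constructed inputs with hypothetical hostnames: a self-consistent archive and one
# whose subframe declares a foreign origin.
BENIGN = make_archive("https://files.example.com/report.html")
CROSS = make_archive("https://files.example.com/report.html", "https://login.example.net/")
```

Running `audit_webarchive(CROSS, "https://files.example.com")` reports the foreign `https://login.example.net` origin as suspicious, while the benign archive passes.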
Tightening Mac’s Security
Pickren added that before Safari 13 was launched, no warning was shown to the user before a website downloaded arbitrary files, which made planting the web archive file very easy.
Apple has not released a statement about the bug, nor has it said whether it is aware of the bug having been exploited.
But the tech giant has paid Pickren $100,500 from its bug bounty program, $500 more than any previously reported payout.
Apple’s bug bounty program can officially award people up to $1 million, and the tech company publishes a list of maximum sums per category of security issue reported.
Last year, Apple’s bug bounty program was under fire due to poor communication, payment confusion, and other issues. Apple has not responded to the accusations of the researchers yet.
Currently, there is no requirement for security experts to disclose to the public how much they’ve been awarded.
Apple may have paid Pickren more than $100,500. However, the tech giant has previously been criticized for paying people less than its own maximums and being too slow to patch bugs.
This article is owned by Tech Times
Written by Sophie Webster
ⓒ 2021 TECHTIMES.com All rights reserved. Do not reproduce without permission.