Apple pays $75,000 to hacker for discovery of exploits to hijack iPhone camera

 

Apple awarded $75,000 to a hacker who discovered exploits that allowed him to hijack the cameras of iPhones and Macs.

Security researcher and former Amazon Web Services security engineer Ryan Pickren disclosed at least seven zero-day vulnerabilities in Safari to Apple, according to Forbes. Three of these vulnerabilities may be used to hijack the cameras of iOS and macOS devices.

The exploit required victims to visit a malicious website, which could then access the device’s camera if the device had previously trusted a video conferencing service such as Zoom.

“A bug like this shows why users should never feel totally confident that their camera is secure,” Pickren told Forbes, “regardless of operating system or manufacturer.”

Pickren informed Apple about his discovery in mid-December 2019. Apple validated all seven vulnerabilities, and after a few weeks, released a fix for the iOS and macOS camera exploit. The security researcher was then paid $75,000, which Pickren said was his first earnings from the company.

Security researcher Sean Wright told Forbes that the exploit that Pickren discovered, even if it required the victim to visit a malicious website, was “a very viable form of attack.” Wright added that compared with the attention on webcams in computers, there has not been much focus on the cameras and microphones of mobile phones, which he said is “a far more likely route” for attackers if they want to eavesdrop on their targets.

Bug bounties

Bug bounty programs provide incentives to security researchers to help tech companies find vulnerabilities in their software, instead of the exploits falling into the hands of malicious hackers.

Apple, which launched a bug bounty program in 2016, made changes in August 2019 that included the addition of a $1 million reward for hackers who could launch a “zero-click full chain kernel execution attack with persistence.” In December 2019, the program was finally expanded to accept submissions for macOS bugs.

Apple rival Google has also been generous with its bug bounty program, offering a reward of up to $1.5 million for a “full chain remote code execution exploit with persistence which compromises the Titan M secure element on Pixel devices.” In 2019, Google paid a total of $6.5 million in bug bounties, for a total of $21 million since the program was launched in 2010.

Aaron Mamiit