Flaw hunter bags $75,000 off Apple after duping Safari into spying through iPhone, Mac cameras without permission
2020-04-07 17:58

Independent security researcher Ryan Pickren has revealed how a malicious website could hack Apple's Safari browser on iOS and macOS to spy on the user through the computer's camera without prompting for permission.

Apple fixed the issues with Safari 13.1, crediting Pickren for three bug reports in the patch release notes.

If you have already granted Safari permission to use the camera for an application such as Skype or Zoom, then it is Safari, not the user, that decides whether a malicious site is treated as that trusted site and inherits the same permission.

Pickren set out to discover how to trick Safari into identifying his untrusted site as being part of the skype.com domain.

A bit of work with browser history and iframes, and "We now have a sandboxed iframe with the blob://skype.com href and arbitrary JavaScript content. A simple window.open() popup is the final step to glory," said Pickren - glory being in this case a payout for him, and a reminder to the rest of us that giving the web browser superpowers is not without risk.


News URL

https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/04/07/apple_safari_camera_hack/

Related vendor (vulnerability counts for the last 12 months)

Vendor   #/Products   Low   Medium   High   Critical   Total vulns
Apple    72           238   1567     2279   265        4349