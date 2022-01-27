Apple paid a $100,000 award to cybersecurity doctoral student Ryan Pickren for discovering a flaw in the Mac’s webcam. According to Pickren, a series of bugs in Safari and iCloud allowed the camera to be vulnerable, running the risk of malicious websites breaking into the device.
according to the website AppleInsider, this is the largest cash award ever given by the apple company in the cybersecurity rewards program. It is worth noting that Pickren had already received US$ 75,000 – about R$ 408,000, in direct conversion – from Apple in 2019, after discovering a flaw in the iPhone’s camera.
🔎 Intel announces 12th generation processors for laptops
Macs could be vulnerable because of the Safari and iCloud web file system – Photo: Disclosure / Apple
In a more detailed report, Pickren explains that the flaw could give full access to every account the user has on the web. The loophole would also allow malicious software to use the webcam, microphone and even screen sharing, although in the first option the user may see a warning in the form of a green light.
A doctoral student in cybersecurity at the Georgia Institute of Technology, Pickren explained in detail the real danger this could pose if Apple hadn’t fixed the problem. “The bug gives the attacker full access to all websites visited by the victim. This means that in addition to turning on your camera, it can also hack your iCloud, PayPal, Facebook, Gmail, etc. accounts,” she said in a report.
as the website informs 9to5Mac, the breach would be in the sharing app ShareBear. The software asks the user for permission when he is distributing a file with someone else—but it does so only once. The problem is that the user on the other side, with remote access, can change the file at any time, including a dangerous executable.
with information from 9to5Mac and AppleInsider