Apple paid out $75,000 to hacker who used zero-day exploit to hijack iPhone camera

How to make a FaceTime call on iPhone, iPad, or Mac (Image credit: iMore)

What you need to know

Apple has reportedly paid out $75,000 to hacker Ryan Pickren.
That's because of seven zero-day vulnerabilities he discovered in Apple's software.
He was able to use them to hijack the camera on any iOS or macOS device.

A report from Forbes claims that hacker Ryan Pickren was paid $75,000 by Apple's bug bounty program for seven zero-day vulnerabilities he discovered in Apple's software.

According to the report

One hacker found no less than seven zero-day vulnerabilities that enabled him to construct a kill chain, using just three of them, to hijack the iPhone camera successfully. Well, any iOS or macOS camera for that matter. Here's how he did it and what happened next... It was as part of this Apple bug bounty program that Ryan Pickren, the founder of proof of concept sharing platform BugPoC, responsibly disclosed his seven zero-day vulnerabilities discovery that enabled him to hijack the iPhone camera, and earned a none-too-shabby $75,000 from Apple for his efforts.

According to the report, in December of 2019 Pickren starter to "hammer" Apple's Safari browser for iOS and macOS to uncover weird behavior, particularly in relation to camera security. Eventually, he discovered seven zero-day vulnerabilities in Safari, three of which could be used in a "camera hacking kill chain." The exploit involved tricking a user into visiting a malicious website.

Pickren reported his research to Apple in mid-December:

"My research uncovered seven bugs," Pickren says, "but only 3 of them were ultimately used to access the camera/microphone. Apple validated all seven bugs immediately and shipped a fix for the 3-bug camera kill chain a few weeks later." The three-0day camera kill chain exploit was dealt with in the Safari 13.0.5 update released January 28. The remaining zero-day vulnerabilities, judged to be less severe, were patched in the Safari 13.1 release on March 24.

As you'll note, all of these bugs have been patched and fixed, so you don't need to be worried about them. It's standard industry practice for hackers and security companies to disclose their findings to companies, giving them time to patch issues before they make them public. Pickren picked up $75,000 for his troubles, which is not to be sniffed at. Apple's Security Bounty Program can pay up to a massive $1.5 million for the most serious exploits. Regarding the program Pickren stated:

"I really enjoyed working with the Apple product security team when reporting these issues... the new bounty program is absolutely going to help secure products and protect customers. I'm really excited that Apple embraced the help of the security research community."

You can read the full report here.

Stephen Warwick has written about Apple for five years at iMore and previously elsewhere. He covers all of iMore's latest breaking news regarding all of Apple's products and services, both hardware and software. Stephen has interviewed industry experts in a range of fields including finance, litigation, security, and more. He also specializes in curating and reviewing audio hardware and has experience beyond journalism in sound engineering, production, and design. Before becoming a writer Stephen studied Ancient History at University and also worked at Apple for more than two years. Stephen is also a host on the iMore show, a weekly podcast recorded live that discusses the latest in breaking Apple news, as well as featuring fun trivia about all things Apple. Follow him on Twitter @stephenwarwick9