Apple has built a reputation on its approach to security, but in recent years the company has had a few missteps. A security researcher recently disclosed vulnerabilities that would let an attacker chain three Safari bugs to reach a victim's webcam and microphone on both iOS and macOS.
Apple patched the vulnerabilities in its January and March updates, but before the fix a single malicious link could give an attacker the ability to spy on the victim. According to security researcher Ryan Pickren, "Safari encourages users to save their preferences for site permissions, like whether to trust Skype with microphone and camera access."
How did these bugs cause damage?
Pickren found that the bugs stem from minor oversights, such as the way Safari's list of permissions a user has granted treats every variation of a URL as the same site. For example, if the user granted permission to "https://example.com", a variation such as "fake://example.com" would still be treated as the same site.
Pickren said an attacker is able to "wiggle around" and craft URLs that, used in scripts embedded in a malicious site, act as a bait-and-switch that tricks Safari. "I just kind of hammered the browser with really weird cases until Safari got confused and gave an origin that didn't make sense."
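To show why keying a permission store on anything less than the full origin is dangerous, here is an added example that is not code from the article or from Pickren's research: a toy permission store (the `PermissionStore` class, `hostKey` and `originKey` functions, and the URLs are all constructed for illustration) keyed the weak way, by hostname alone, beside the same store keyed by the full origin tuple of scheme, host and port. With the weak key, a grant to "https://example.com" is honoured for "fake://example.com" and "http://example.com"; with the strict key, only the original origin matches, and a URL with a scheme that has no origin at all is refused outright.

```javascript
// Added example: simulates a per-site permission store keyed the weak way
// (hostname only) versus the strict way (full origin: scheme, host, port).
// This is not Safari's implementation; the store and URLs are constructed.

// Weak key: hostname only. The WHATWG URL parser still extracts a hostname
// from an unknown scheme such as "fake://", so the scheme is silently lost.
function hostKey(urlString) {
  return new URL(urlString).hostname;
}

// Strict key: the origin tuple the same-origin policy uses. For non-special
// schemes (anything other than http, https, ws, wss, ftp, file) the parser
// reports the origin as the string "null"; we map that to null so callers
// cannot accidentally treat "null" as a real, shareable origin.
function originKey(urlString) {
  const origin = new URL(urlString).origin;
  return origin === 'null' ? null : origin; // e.g. "https://example.com"
}

class PermissionStore {
  constructor(keyFn) {
    this.keyFn = keyFn;
    this.granted = new Map(); // key -> Set of permission names
  }

  grant(urlString, permission) {
    const key = this.keyFn(urlString);
    if (key === null) {
      throw new Error(`refusing to store a grant for ${urlString}: no origin`);
    }
    if (!this.granted.has(key)) this.granted.set(key, new Set());
    this.granted.get(key).add(permission);
  }

  isGranted(urlString, permission) {
    const key = this.keyFn(urlString);
    if (key === null) return false; // no origin, no stored permissions
    const perms = this.granted.get(key);
    return perms !== undefined && perms.has(permission);
  }
}

// Grant the camera to https://example.com in both stores, then probe with
// the URL variations the article describes.
function demonstrate() {
  const probes = [
    'https://example.com',
    'https://example.com:443/call', // same origin: default port, different path
    'http://example.com',           // different scheme, same host
    'fake://example.com',           // unknown scheme, same host
  ];

  const weak = new PermissionStore(hostKey);
  weak.grant('https://example.com', 'camera');

  const strict = new PermissionStore(originKey);
  strict.grant('https://example.com', 'camera');

  const results = {};
  for (const url of probes) {
    results[url] = {
      weak: weak.isGranted(url, 'camera'),
      strict: strict.isGranted(url, 'camera'),
    };
  }
  return results;
}

console.table(demonstrate());
```

The hostname-keyed store answers "yes" for every probe, including the unknown scheme, which is exactly the confusion the bugs above exploit. The origin-keyed store answers "yes" only for the real origin (the default-port form is the same origin by definition) and treats a scheme without an origin as having no permissions at all.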
A recent hack incident
In the attack, a hacker tricks the victim into clicking a malicious link, which then gives the attacker access to the victim's webcam and microphone to capture video, take photos, and record audio. The attack works on iPhones, iPads, and Macs alike.
The flaws are not in Apple's microphone or webcam protections themselves, nor in the way Safari defends against malicious sites accessing those sensors. Instead, the attacker slips past those barriers by building a convincing disguise: a site that Safari mistakes for one the user has already trusted.
Pickren submitted a series of seven vulnerabilities to Apple's bug bounty program in mid-December, and said the company validated the bugs the following day. Although an attacker would need only three of the bugs to take control of the webcam as Pickren envisioned, he found the additional flaws along the way and submitted them as well.
The last vulnerability
According to Pickren, he ran into the extra bugs because he was looking for a chain that would work on both iOS and macOS, since Safari is built a little differently for each.
Apple expanded its bug bounty program last December to accept a wider range of vulnerabilities, with the aim of improving its products and building a healthier relationship with users and outside security researchers.