Apple Hired Hacker to Detect Security Flaws in Products

0
  • The global giant have rewarded the hacker with $75,000
  • Out of seven, three would led to camera being hacked
  • Zero-day vulnerabilities could led to camera being hacked

The US based giant hired an ethical hacker who discovered multiple security flaws that could have led to the iPhone camera being hacked. According to reports, Apple has now fixed these flaws and rewarded the hacker with $75,000 (approximately Rs 57.31 lakh). According to a report by Forbes, Ryan Pickren, who is an ethical hacker, discovered as many as seven vulnerabilities in Apple’s browser Safari.

Pickren had found these security flaws back in December 2019 and reported the to apple. Apple promptly fixed the more serious ones in January 2020 when it rolled out an update to Safari. the 13.0.5 update of Safari had fixed the flaws. The rest – less harmful ones- were fixed in march 2020 with 13.1 Safari update.

‘Zero-day’ vulnerabilities

Out of these seven flaws, three could’ve led to the iPhone camera being hacked. He called it ‘zero-day’ vulnerabilities, these could have been exploited by hackers to access camera and microphone permissions. Also, he claimed that if an iPhone user visited a malicious site, then phones would have been at risk.

“I really enjoyed working with the Apple product security team when reporting these issues,” he said. he also said that, “the new bounty program is absolutely going to help secure products and protect customers. I’m really excited that Apple embraced the help of the security research community”, says Ryan.

The Bug Bounty program by Apple

“As a part of Apple’s commitment to security, we reward researchers who share with us critical issues and the technique used to exploit them. We make it a priority to resolve confirmed issues as quickly as possible in order to best protect customers. Apple offers public recognition for those who submit valid reports, and will match donations of the bounty payment to qualifying charities.”