Ryan Pickren:
My hack successfully gained unauthorized camera access by exploiting a series of issues with iCloud Sharing and Safari 15. While this bug does require the victim to click “open” on a popup from my website, it results in more than just multimedia permission hijacking. This time, the bug gives the attacker full access to every website ever visited by the victim. That means in addition to turning on your camera, my bug can also hack your iCloud, PayPal, Facebook, Gmail, etc. accounts too. And:
I reported this chain to Apple and was awarded $100,500 as a bounty.
“my bug can also hack your iCloud, PayPal, Facebook, Gmail, etc. accounts too” — Wow!
Obviously, glad this got patched. Amazing when one of these “total access” bugs surfaces.
No matter how carefully you construct your code, no matter how modern the techniques and underlying frameworks, there’s always gonna be holes.
Also nice to see Apple paying up for the help.