Mac webcam hack nets student big payout

The new Apple Mac webcam vulnerability could potentially expose all your web-based accounts to hackers (Source: Reuters) (Thomas Peter / reuters)

A cyber-security student has just won himself US$100,500 ($142,714) from Apple by discovering how hacking Mac webcams can leave devices completely exposed to hackers.

Ryan Pickren's earning is supposedly Apple's largest bug bounty payout to date.

• Also read: DIY phone repairs: Apple to start selling spare parts

• Also read: Addicted to your mobile phone? 3 surprising ways to beat it

• Also read: Don’t take this phone call during tax season, ATO warns

The tech giant has not commented on the bug nor confirmed if it was actively exploited.

What's the issue?

The new webcam vulnerability highlights a series of defects with iCloud and Safari, which Apple has now supposedly fixed according to Pickren.

Before it was secured, a malicious website could launch an attack using these defects to their advantage.

In his hack, Pickren successfully gained unauthorised camera access by exploiting several issues with iCloud Sharing and Safari 15.

Though the bug requires the victim to open a pop-up from the hacker's website, it leads to more than just multimedia permission hijacking once the victim clicks 'Open'.

The attacker would have full access to all web-based accounts, from iCloud to PayPal to Facebook and Gmail, along with permissions to use the camera, microphone, and screen sharing.

The regular green light would still come on as normal if the camera were used.

This hack could eventually empower an attacker to gain absolute access to a device's entire file system. according to Pickren. The hacker would be able to do so by exploiting Safari's 'webarchive' files, the system the browser uses to save local copies of websites.

"A startling feature of these files is that they specify the web origin that the content should be rendered in, which is an awesome trick to let Safari rebuild the context of the saved website," Pickren explained.

The fix

Given that a user has to download such a webarchive file, and then also open it, Pickren believes Apple had not considered this a realistic hack scenario when it first implemented Safari's webarchive.

"A decade ago, when this decision was made, [the] browser security model wasn't nearly as mature as it is today," Pickren said.

Following his discovery, Apple has now made camera access significantly more difficult.

Multimedia access is now allowed only when the protocol is "https:" and the domain matches saved settings of the user.

Cleverly malformed URIs won't be able to gain access any longer.

Follow Yahoo Finance on Facebook, LinkedIn, Instagram and Twitter, and subscribe to the free Fully Briefed daily newsletter.