Safari browser’s bug let hackers hack Camera and Mic of Apple Devices
A security researcher allegedly found a security bug in the Safari web browser. Safari is the official browser provided by Apple for its iPhones and macOS running devices. Because of the bug that is present in the browser, hackers can hack Safari camera and mic of Apple users without authentication. A key feature of Apple’s web browser Safari is that it allows its users to save the device authentication choices according to each website. This feature helps a hacker to design a malicious website to utilize Skype authentication. And then after hacking, turns on your Safari camera to take a snap or sneak into your device microphone to hear what you say.
See: Looking for a Best TV in 2020.? Check Out this List & Choose the Best.
How do Hackers hack your Safari Camera And Mic?
Ryan Pickren, the security researcher explains how Safari lets different URLs use the access granted by its user. For instance, if a user gives access to its mic and camera to a URL https://www.abc.com. All the URLs carrying abc.com will be able to access the camera and mic authentication on the Safari browser. This feature can be used in a negative way by hackers to develop a fake abc.com and take advantage of the same authentication without taking permission from the user, This results in an unlimited access to the device of the user and uses its data in a harmful way.
The researcher, Karen claims that these flaws were already present in the Safari browser for years. Finally, he brought such seven bugs to the notice of Apple in December 2019. Apple, accepted that the bugs he brought were rea. And so, they released a bug bounty for Karen as part of its bug bounty program worth $75,000.
Also read: Leaks Reveal a New Ultramarine Blue Finish For Upcoming OnePlus 8 Pro
Already Fixed!
Apple, however, has fixed these bugs in all its operating systems through updates in January and March. In case, you have updated your operating system, congratulations, you’re saved. But, if you haven’t updated it yet, now is the time. Be sure that you do it as soon as possible, otherwise, you’re personal data might be in danger.
