Ryan Pickren has just done Apple a huge favor. This cybersecurity student, currently a doctoral student at the Georgia Institute of Technology, has indeed spotted a vulnerability on the camera of a Mac that could have posed real problems for the Cupertino company. Note that he had already done the same on an iPhone in 2019 and had obtained $75,000.
The company has therefore decided this time to reward him by paying him 100,500 dollars, the largest sum ever paid by the Apple brand as part of a bug bounty. As a reminder, this is a reward program through which a company rewards people who identify problems with their services or products.
Apple can pay up to $1.5 million depending on the case
In detail, we learn that this flaw concerned concerns related to Safari and iCloud and that Apple has since corrected them.
Quoted by 9to5mac, the young cybersecurity expert specifies: “ My hack managed to gain unauthorized access to the camera by exploiting a series of issues with iCloud Sharing and Safari 15. Although this bug requires the victim to click “open” on a popup on my website , it involves more than just media permission hijacking. This time, the flaw gives the attacker full access to all websites visited by the victim. This means that besides turning on your camera, my bug can also hack your iCloud, PayPal, Facebook, Gmail accounts. »
For now, Apple has not commented on this. The bug bounty program can in any case make it possible to allocate up to 1.5 million dollars depending on the security problem identified.