Wormable Apple iCloud Bug Allows Automatic Photo Theft
Ethical hackers have reportedly been earning large payouts from Apple’s bug bounty program for their involvement in discovering 55 bugs during a three-month hack that exposed a wormable Apple iCloud vulnerability that could be exploited for photo theft. The ethical hackers searched through Apple’s infrastructure and systems, discovering a total of 11 critical vulnerabilities that would allow attackers remote authentication or complete control over customer applications.
Notably, the wormable iCloud takeover bug can be leveraged by attackers to steal a target’s documents, photos, videos, and more sensitive information from their Apple device. The team responsible for uncovering the series of flaws have received payouts totaling $300,00 to date, according to a blog post detailing their findings.