Become a MacRumors Supporter for $25/year with no ads, private forums, and more!

Hackers Discover 55 Apple Vulnerabilities, Awarded Nearly $300,000 in Bounties [Updated]

MacRumors

macrumors bot
Original poster
Apr 12, 2001
50,443
11,833


A group of hackers has been awarded nearly $300,000 by Apple for discovering 55 vulnerabilities in the company's systems.



Sam Curry, Brett Buerhaus, Ben Sadeghipour, Samuel Erb, and Tanner Barnes spent three months hacking Apple platforms and services to discover a range of weaknesses. The 55 vulnerabilities the team discovered were of varying severity, with some being critical.

During our engagement, we found a variety of vulnerabilities in core portions of their infrastructure that would've allowed an attacker to fully compromise both customer and employee applications, launch a worm capable of automatically taking over a victim's iCloud account, retrieve source code for internal Apple projects, fully compromise an industrial control warehouse software used by Apple, and take over the sessions of Apple employees with the capability of accessing management tools and sensitive resources.

Apple apparently was swift to address the majority of the vulnerabilities, with some being resolved in as little as a few hours.

Overall, Apple was very responsive to our reports. The turn around for our more critical reports was only four hours between time of submission and time of remediation.

As part of Apple's Security Bounty Program, the group was able to receive considerable payments for some of their work. As of Sunday, October 4, they had received four payments totaling $51,500. This included $5,000 for disclosing the full name of iCloud users, $6,000 for finding IDOR vulnerabilities, $6,500 for access to internal corporate environments, and $34,000 for discovering system memory leaks containing customer data.

Since no-one really knew much about their bug bounty program, we were pretty much going into unchartered territory with such a large time investment. Apple has had an interesting history working with security researchers, but it appears that their vulnerability disclosure program is a massive step in the right direction to working with hackers in securing assets and allowing those interested to find and report vulnerabilities.

Apple has been actively investing in its bug bounty program since last year. Security researchers can now receive up to one million dollars per vulnerability depending on the nature and severity of the security flaw.

With the permission of Apple's security team, the group has published an extensive report which details a range of vulnerabilities and methods of locating and exploiting weaknesses. They also hinted that additional bounties may be on the way.

Update October 9: At the time of publication, the group reported that it had received $51,500 in bounties from Apple for four of the vulnerability reports it submitted. The group now says it has received 32 payments from Apple totaling $288,500.

Article Link: Hackers Discover 55 Apple Vulnerabilities, Awarded Nearly $300,000 in Bounties [Updated]
 
Last edited:

Bring Back the Gun

Suspended
Oct 8, 2020
15
43
Cops & robbers!!!

The iOS ecosystem will never ever be safe from vulnerabilities. More and more exploits will be found, and every single iPhone and iPad will always be able to be jailbroken within 9 months of release to unleash the full potential of the Hardware that Apple gives you...because the software is very limiting.

The Good Guys will always have better tools & skills to out run the Bad Guys until the Bad Guys catch up, and by that point the Good Guys will have adopted better tactics and the struggle goes on and on...it’s been happening for thousands of years...nothing new 🙇‍♂️
 
Comment

ss2cire

macrumors regular
Jun 18, 2008
105
78
Earth?
wow. just glad they (hackers) reported it to apple so they (apple) could fix the vulnerabilities.
 
Comment

I7guy

macrumors Penryn
Nov 30, 2013
24,226
12,403
Gotta be in it to win it
Wow, those bugs seem pretty large. Definitely eye opening that iphones are not as secure as I once thought...
Right or wrong, it depends on your impression before reading this article. IOS is clearly more secure now and has been in the past. Those who are informed know there isn't any system without bugs or vulnerabilities and that it's a cat and mouse game.
 
Comment

Sasparilla

macrumors 68000
Jul 6, 2012
1,506
2,422
Nice to see. Vulnerabilities are in every platform (Apple or not) and seeing Apple taking these seriously and addressing them quickly will encourage others to submit vulnerabilities to Apple (so they can be closed off). Nice.

Was surprised that the values seem small for such a big tranche of holes - although it sounds like maybe more money is still coming (saw a discussion referencing $500,000 which sounds much more inline with what these folks found).

Edit: The numbers in the article are incorrect. The bug finders have gotten close to $300k at this point and it may top out over $500k overall. This is good as it incentiveises people to find these holes and report them to Apple for fixing.
 
Last edited:
Comment

centauratlas

macrumors 65816
Jan 29, 2003
1,294
2,050
Florida
If this doesn't convince Apple that end-to-end encryption of iCloud backups and everything else using only on device keys is critical for security, I don't know what else will.

How many more bugs are out there that will allow someone to access data on Apple's servers? or that will allow someone to own your device? etc

Given the severity of these, Apple was probably willing to pay 1000 times that amount.

What other ones are still out there? Plenty no doubt.

(see e.g.

)
 
Last edited:
Comment

centauratlas

macrumors 65816
Jan 29, 2003
1,294
2,050
Florida
wow. just glad they (hackers) reported it to apple so they (apple) could fix the vulnerabilities.

I, too, am glad they reported some, but we don't know that they reported them all though. They might have found 56 and sold the last one to someone willing to pay much more since it was more significant.

Or they might have found 55 out of 60 in the area they were looking, and someone else (e.g. NSA, FBI, CIA, Russia, China, UK, Germany, Australia, NK, Cuba etc) could have found another 5.

It is great they are seemingly white hat hackers and reporting them responsibly, but no one can say that with any certainty.

For black hat hackers, this would be a perfect cover. Find a bunch of bugs, report them, to get access to the special phones. Use that special access to keep reporting 99% of the ones found, while keeping the last 1% of significant bugs for sale to the highest bidder (anonymously of course).
 
  • Like
Reactions: Shirasaki
Comment

Samuel Sosa

macrumors member
Aug 4, 2020
38
45
Wow, those bugs seem pretty large. Definitely eye opening that iphones are not as secure as I once thought...
Technology evolves so do venerabilities. The vulnerabilities of today may have not existed with older iPhones or any OS. This is why its strongly encurrange to move to the lates OS. Not just because of "New Features" that's just a marketing ploy, But for security reasons. Same goes with Microsoft, Apple, any company with an OS. Tech gets smarter so do hackers and tactics.
 
  • Like
Reactions: Breaking Good
Comment

The Cappy

macrumors 6502
Nov 9, 2015
345
604
Dunwich Fish Market
These kinds of headlines slay me. "Over $50,000" you say.

The correct amount was $51,500. It would have been both shorter and more accurate to type the correct number.You don't even have the excuse of vagueness being necessitated by the need for brevity, since you actually type the number in full. You just go out of your way to use incorrect numbers so that you later need to correct yourself. Oh well.
 
Comment
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.