Jakarta, CNN Indonesia –
Apple donated Rp4.2 billion (US $ 288,500) to a group hackers a teenager who spent three months trying to break into the technology company’s systems.
This team of young hackers is led by 20-year-old Sam Curry, who works alongside Brett Buerhaus, Ben Sadeghipour, Samuel Erb, and Tanner Barnes.
As a result, they managed to find 55 vulnerabilities. However, according to the head of the hacking team Sam Curry (20), they could get a total of US $ 500 thousand (Rp7, 3 billion) if Apple had processed all the vulnerabilities they reported.
Of the 55 vulnerabilities they found, 11 were in the severe category. One of the worst vulnerabilities allows hackers to steal files from someone else’s iCloud account.
This vulnerability allows hackers to create worms that steal other people’s iCloud files before infecting the iCloud accounts of their contacts. This vulnerability can occur because iCloud is connected to the Apple Mail connection. So, hackers can infiltrate the iCloud account after sending an email to the iCloud.com email address containing malicious code (malware).
These hackers are labeled “white hat” hackers (white hat hacker) or ethical hacker. They don’t steal data, instead these hackers usually deliberately break into a system to notify companies about vulnerabilities that exist in their systems.
“I’ve never worked on Apple’s bug bounty program so I didn’t really know what to expect,” Curry said in a blog.
They then tried their luck and started hacking into Apple. Although they do not really understand how Apple will pay for the hard work.
“Apple patched all the vulnerabilities shortly after they were reported,” said Curry.
Apple said it really appreciated the work of these white hat hackers. To Business Insider, they said the vulnerability was patched and there was no evidence that the security hole had been exploited by a malicious hacker.
In the process of looking for bugs, Curry and his team acquired knowledge of Apple’s online infrastructure at scale.
Apple has more than 25,000 web servers, including Apple.com, iCloud.com, and more than 7,000 other unique domains, the researchers found.
The team said many vulnerabilities were discovered by searching through unknown Apple web servers, such as its Distinguished Educators site.
Meanwhile, cybersecurity experts said the findings of this security vulnerability proved that the bigger an online organization is, the more worrying is the issue of security vulnerabilities.
So this is according to Tim Mackey, the main security strategist at Synopsys Cybersecurity Research Center, not a reflection of Apple’s badness in maintaining the security of their systems.
(ex)
– .
