Apple takes Group FaceTime offline

In Opinions

Tomas Foltyn, security writer at ESET discusses the latest security debacle with Apple after a spy bug was discovered in Apple’s video and audio call app FaceTime that can be easily exploited to spy on people.

Apple is promising to issue a software update later this week to fix a strange and serious bug in Apple’s video and audio call app FaceTime that can be easily exploited to spy on people, according to a 9to5Mac report.

This is after another report on the site revealed late yesterday that the glitch allows any iPhone user to video-call another iPhone user via FaceTime and listen in on the audio on the other end – before the recipient has accepted or rejected the incoming call.

How does it work? In short, the caller would initiate a FaceTime video call and immediately afterwards launch the app’s group calling feature by tapping on ‘Add person’ and adding their own phone number. That’s all it takes to trick FaceTime into believing that the recipient has just answered the ‘conference call’, enabling the caller to hear the audio on the other end – unbeknownst to the victim.

Meanwhile on the screen of the victim’s device, it would appear as if the phone were still ringing with the FaceTime request.

https://twitter.com/BmManski/status/1089967572307640325

What is more, while it was at first believed that ‘only’ the audio can be exposed, BuzzFeed News later wrote that the bug can apparently also activate the front-facing video camera of the recipient’s handset. If the recipient dismisses or silences the incoming FaceTime conference call by pressing the power button or one of the volume controls, their handset will begin to send live video, too. Again, this happens with zero awareness on the victim’s part.

The ‘exploit’, so simple as to being bizarre, is also ‘deployed’ when making a FaceTime call from an iPhone to a Mac computer. According to the CNN, the bug affects iPhones and iPads running iOS 12.1, which introduced Group FaceTime, as well as computers running macOS Mojave.

The issue has attracted the attention of Governor of New York Andrew M. Cuomo, who called the bug “an egregious breach of privacy”.

The Verge reports that Apple’s disabling of Group FaceTime has largely fixed things while the software update is in the works. If that doesn’t ease your concerns, however, you may want to deactivate the app until Apple delivers the update.

Comments

You may also read!

SANS Institute to deliver first cyber security training event in Oman at SANS Muscat 2019

SANS Institute, the global leader in cyber security training, announced the company’s first ever cyber security training event, SANS Muscat 2019, to be

Read More...

Tenable announces general availability of Predictive Prioritization in Tenable.io

Tenable Inc, the Cyber Exposure company, has announced that Predictive Prioritization is now generally available within its cloud-based vulnerability

Read More...

Huawei to drive discussion on 5G commercialization at SAMENA Leaders Summit

Huawei, a leading global provider of information and communications technology (ICT) infrastructure and smart devices, will host the ‘5G is

Read More...

Join Our Newsletter!

Love SecurityMEA? We love to tell you about our new stuff. Subscribe to newsletter!

Mobile Sliding Menu