Posted on January 30, 2019 at 10:15 PM
A new report revealing a bug in apple audio and video call app, FaceTime, has forced the company to temporarily disable the application. The bug allows any iPhone user to exploit the app and spy on people, according to a recent report published by 9to5Mac.
Apple announced that the issue would be fixed at some point during this week via a software update that is currently being developed.
What does the bug do?
According to the report, the bug, which was revealed on Monday, January 28th, allows any iPhone user to activate another microphone and camera on another user’s iPhone or another iOS device. After doing so, the caller can listen in on the audio on the other end without the recipient ever realizing it.
The process is surprisingly simple, and it does not require any additional software, hardware, malware, or other “tool,” and it all comes down to a single bug that can be exploited. Simply put, the caller would start a FaceTime call, and launch the group call feature by tapping on ‘Add person’ option. Then, they would add their own number, and the app would be tricked into thinking that the recipient has answered the call.
On the victim’s end, the call would continue as usual, without their device showing that it has already answered. Furthermore, researchers have discovered that the bug does not only work on the receiving phone’s audio but on the front camera as well. To activate this, it is required for the recipient to silence the call or dismiss it via the volume control buttons, or a power button. Meanwhile, the recipient still remains unaware of the fact that the device has already established the connection.
Researchers also revealed that the same method goes beyond an iPhone and that it can also affect Mac computers, as well as iPads that have iOS 12.1 version of the system.
After the bug was discovered, Apple disabled the app at around 10:16 p.m. Monday ET. The app is expected to return as soon as the patch gets implemented. Meanwhile, even though the app is currently down, those who remain concerned regarding the issue may want to deactivate it completely until the bug has been fixed.
Following the report, Andrew M. Cuomo, the acting Governor of New York, also made a statement regarding the discovery by calling it an egregious breach of privacy that puts New Yorkers at risk.
Wow, NY Governor Cuomo issues statement on FaceTime issue pic.twitter.com/ECWBp7AbXS
— Mark Gurman (@markgurman) January 29, 2019
And, while Apple did react as quickly as possible, this is yet another indicator that security of devices and software that they use still lacks improvement.