SALT LAKE CITY (ABC4 News) – iPhone users everywhere are out-smarting their smartphones, using them to spy on other iPhone users. Their tool? The so-called “FaceTime Bug.” It’s the latest security breach. But this one is different. Hackers didn’t perpetuate it. It’s actually a rotten Apple app, discovered quite by accident.
It happened Monday. A guy in Chicago, who goes by the name “Baji Mobb” on Twitter, and who appears to be an artist, discovered a big mistake by the world’s largest computer company.
Tuesday, others around the world re-enacted the accident. In the offices of Buzzfeed.com, a reporter named Nicole Nguyen accomplished the easy feat with a colleague, and became, by all appearances, the first journalist to break the story.
And here, in Utah, the cyber ripples are being felt, as people are attempting to call through their FaceTime app, and seeing a “FaceTime Unavailable” message.
Cybersecurity expert, Professor Basil Hamdan of Utah Valley University, says what makes this latest security breach so scary is how easily it happened.
“It did not really need anybody with technical skills to be able to find,” says the professor. “You use the app to call somebody, and you add yourself to the conversation.”
Somehow, adding the caller’s number to the FaceTime call triggered the iPhone on the receiving end of the call to activate the microphone, allowing the caller to hear the recipient, even when the recipient didn’t answer.
“And as soon as they did that,” says Hamdan, “Even if the other party did not pick up the call, you would be able to pick up the audio from the other party.”
But the glitch only got worse from there. iPhone users also discovered that pressing a volume button while making a FaceTime call somehow activated the camera on the recipient’s iPhone, allowing the caller to see, as well as hear, whatever was happening on the other end. The security breach was as invasive as it was easy.
“Apple prides itself on how secure their devices and products are,” says Hamdan, “And prides itself that they care about customers and consumers’ privacy, but this time they just totally dropped the ball on it.”
Apple announced Tuesday it was shutting down its FaceTime group chat server until a fix can be found. The company promises a new and improved FaceTime app by the end of the week, which will be delivered as an operating system upgrade or update.
In the meantime, cybersecurity experts are urging iPhone users to disable their FaceTime app.