Apple FaceTime bug lets people eavesdrop on your iPhone or Mac without your knowledge

If you have an iPhone or a Mac you may want to turn off FaceTime: A new bug can let the people that call you to listen in to your conversations even if you don’t answer the call.

The bug, which was widely circulated on the internet Monday night after being spotted by 9to5Mac, is easily accessible. Those looking to exploit the bug simply need to start a FaceTime call, swipe up to add a person and enter your own phone number. This will create a group FaceTime call and automatically answer the call for the first person. Both the caller and the original recipient will be able to hear one another, or if the caller is quiet, allow them to eavesdrop if the recipient did not hear the original call.

Pressing the volume or power button on the recipient’s iPhone, which is usually used to silence or dismiss an incoming call, will also turn on the camera with this glitch allowing the caller to activate your camera — though doing this will disable the audio.

USA TODAY was able to recreate the bug on multiple iPhones running versions of iOS 12.1 on devices ranging from the iPhone 6 to the iPhone XR. We were also able to recreate it on a MacBook Pro, allowing the iPhone to listen in to the Mac running the latest version of Mac OS Mojave.

We were not able to test the bug on an iPad running iOS 12.1 but those who have Apple’s tablets may want to exercise caution until a fix arrives.

In a statement provided to USA TODAY and other media outlets, Apple says that it is “aware of this issue and we have identified a fix that will be released in a software update later this week.”

Twitter quickly filled with users sharing their concerns and with videos replicating the bug.

nic nguyen

@itsnicolenguyen

We found that the FaceTime bug doesn’t just give the caller access to the recipient’s microphone (except if Do Not Disturb is on)… if they press volume up or down, it exposes their iPhone’s front-facing camera, too https://www.buzzfeednews.com/article/nicolenguyen/facetime-bug-iphone 

A FaceTime Bug Allows You To Access Someone’s iPhone Camera And Microphone Before They Pick Up

BuzzFeed News confirmed that the FaceTime bug exposes the call recipient’s front-facing iPhone camera before it is answered if a volume button is pressed.

buzzfeednews.com

nic nguyen

@itsnicolenguyen

pic.twitter.com/Vb6PIefRLL

71

6:38 AM – Jan 29, 2019
Twitter Ads info and privacy

Embedded video

49 people are talking about this

Marques Brownlee

@MKBHD

Tried this
It worked
Disabled Facetime

Andy Baio

@waxpancake

Replying to @waxpancake

1. Start a FaceTime video call.
2. While it’s still ringing, swipe up from the bottom of the screen and click “Add Person.”
3. Add your own phone number to the call.

You’ll now be able to hear the microphone from the other device, even if the owner is nowhere nearby.

9,904

7:29 AM – Jan 29, 2019
Twitter Ads info and privacy
3,117 people are talking about this

John 🐐@jhndrxx_

If you facetime me and answer it yourself, Blocked 💯

533

3:14 AM – Jan 29, 2019 · Chicago, IL
Twitter Ads info and privacy
581 people are talking about this

Embedded video

Benji Mobb™@BmManski

Now you can answer for yourself on FaceTime even if they don’t answer🤒#Apple explain this..

40.2K

12:54 AM – Jan 29, 2019
17.2K people are talking about this
Twitter Ads info and privacy

The bug seems to exploit Group FaceTime,  a feature Apple added in iOS 12 last year to allow for multiple people to FaceTime together. When tried on an iPhone running iOS 11.3, which doesn’t have Group FaceTime support, the bug did not work.

Late Monday night the Apple System Status page showed that Group FaceTime was unavailable. In our own test, USA TODAY confirmed that the company has appeared to have turned off the Group FaceTime feature. Now when someone attempts to turn a regular FaceTime call into a group call the original FaceTime call disconnects entirely.

Regular one-on-one FaceTime calls are still working, though they did not appear to be exploitable by this bug.

Users can turn off FaceTime on their iOS 12 iPhones and iPads in the interim by going to Settings, scrolling to FaceTime and clicking it to the “off” position. Those on a Mac running Mojave can disable FaceTime by opening the FaceTime app, clicking “FaceTime” in the upper left corner and then clicking “Turn FaceTime off” from that drop down window.

 

[“source=usatoday”]