Sextortion warning: It’s masking tape time for webcams

“New worries for the always-connected crowd: Attackers may remotely activate your webcam — without tripping the warning light — and remotely record your every activity, public and private,” Mathew J. Schwartz reports for InformationWeek. “Is it time to invest in some masking tape?”

“For years, malware known as remote-access tools (RATs) have included the ability to surreptitiously activate microphones and webcams — dubbed ‘camjacking’ — amongst other nefarious activities, such as sucking up all of your bank account details,” Schwartz reports. “To avoid RAT attacks, security experts already recommend keeping all operating systems and installed applications up to date. But should everyday users — meaning people who aren’t information security experts or Syrian dissidents — be concerned about camjacking attacks? More to the point, should everyone cover up their webcams when not in use?”

Schwartz reports, “The FBI in 2010 accused Luis Mijangos of sextortion attacks against 230 people, including 44 minors, which involved his compromising their PCs and attempting to extort them into providing sexually explicit videos. Earlier this year, the bureau also arrested Karen ‘Gary’ Kazaryan, charging him with running a similar sextortion campaign against 350 women between 2009 and 2011.”

Read more in the full article here.

50 Comments

    1. Apple had the foresight to avoid this problem by hardwiring the LED camera activity indicator directly into the power circuit for the camera. If the camera is on, so is the LED. This feature cannot be bypassed by malware. Someone would have to physically disassemble your Apple device and rewire it to bypass the LED.

      Yet another example of the fundamental differences between Apple devices and ‘other’ devices. You get what you pay for…and, in this case, a little bit more.

      1. I’ve used the “Hidden App” on my MBP and the camera captures images of whoever is using the computer, without lighting up the green beacon. If Hidden App can do it, can’t other software?

    1. Yet another reason to say NO! to gooooogle chrome
      (as if the hundreds that already exist weren’t enough)

      Anybody know if chrome “ignores” the flash security settings in systems preferences (where you can deny all camera & mic access to all flash applets)

      (A good precaution to do BTW if you don’t actually use flash for video chat))

    1. Or move out of George “God Elected Me” Bush’s police state.

      Your partisan politics lose their effectiveness when the policies you complain about were started by your own party.

    2. Unless you’ve actually lived in a police state, you have no frigging idea what you’re talking about. Talk to someone from Egypt, or Turkey, or Argentina (in the 1970s-80s), or any of a dozen other countries I could name. You might learn something.

      1. We’re getting there Kaplan, we’re getting there…
        The US will become like the old Soviet Union and Russia will be freer like we used to be, the powers that be are playing us, boiling us slowly like a frog in a pot, we’re getting used to warm water.
        It’ll be an authoritarian technologically advanced fascist state. Fascism: government in bed with corporations.
        check this: usahitman.com/nfwocmrd

        1. Has the government started dragging ordinary people away in the middle of the night to “disappear” them? No. Are they torturing political opponents? No. Do citizens need to fear “the knock on the door”? Hell no. I agree that paranoia over terrorism has made us less free. But not THAT much less.

          1. Agreed, the US isn’t even close! If you really knew how the old Soviets worked, just from the comments that mtngoatjoe or chucychan have already posted, in Stalin’s USSR, both of them would disappear to some far away labor camp in Siberia.

            In the US, you can post any crazy rant you want, and at worse you will get castigated as being ridiculous. Check if the shoe fits. I recommend talking to some old timers. You will get a better vision of things. I knew an old-timer who’s family ran from East Germany into West controlled Berlin with the clothes on their backs in order to get away from the tyranny. His descriptions of a real police state are orders of magnitude worse than anything happening in the US.

            1. Brilliant. We should ignore the rising fascism in the USA because it isn’t complete yet. Good plan. Wait until the control is so dominating that speaking out is a guaranteed assassination – that’s your plan?

              If that isn’t your plan, then stop playing down how bad it is now. You’re on the side of the people allowing it to happen by criticizing those who are trying to do something about it.

              The process underway is one of less and less subtle encroachments on our freedom. How bad is it now? Well, someone just released info showing that our government is spying on everyone all the time. The general response? “Let’s turn this into a human-interest story about the leaker and/or the journalist!”

              Are you terrified yet? If the people don’t care about this, by the time they do care, it will be as an underground resistance being murdered by the state, rather than by a democratic rejection of bad policies. I’d rather stop it now via peaceful elections and non-violent direct action than the alternative dark future. You seem to be pushing for the latter, whether you know it or not.

          1. So you must be superstitious to be a good person? You really are fucked in the head. All religion is simply superstitions invented to explain what man did not understand and feared. The standard religious zealot response to bad things is “God moves in mysterious ways”. Superstitions all.

            1. “We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights.” – Thomas Jefferson

              “fucked in the head.”

            2. “No friend have I. I must live by myself alone; but I know well that God is nearer to me than others in my art, so I will walk fearlessly with Him.” – LV Beethoven

              “fucked in the head.”

  1. If an attacker remotely turns on my iMac’s webcam and they caught sight of my tired old hide in the buff, it is they who will go looking for duct tape to cover their eyes or scream out “I’m blind!”

    To which I say to said hackers, “Bring it!”

    1. I have it on good authority (my cousin’s wife’s hairdresser) that the tinfoil being sold today actually contains embedded antennas that transmit your thoughts to the Gubmint.

  2. I don’t know. I think I’ll discard this one. If you activate my webcam and catch me doing anything interesting, and publish it, I’m pretty sure anyone who sees it will need therapy. Also, make sure you spell my name right.

  3. I thought there was mention in an iFixit teardown of the iMac that the green LED is hardwired to the power to the camera… with the implication that you can not operate the camera without the LED being lighted. Does anyone else remember that?

  4. To my knowledge it is NOT possible to remotely activate the webcam without also activating the notification LED next to it. This is a hardware design in which powering up the camera also powers up the LED, they’re on the same circuitry. It’d be pretty dramatic if it was possible – but the article merely claims so without providing any proof at all (not, someone band-aiding their webcam is no proof).

    Until they back their bold claim up with facts I’m calling FUD. That article is really not worth sharing.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.