James Delahunty
22 Jun 2013 3:59
A charity in the UK is warning Internet users about a trend of webcam hacking, where hackers switch on webcams on compromised PCs to remotely view victims.
Childnet International is warning that webcams should be disconnected or covered up when not used, and shouldn't be left in bedrooms or other private areas. A BBC Radio 5 investigation found websites where hackers exchanged images and videos of people they had recorded after hacking a PC or a laptop.
Commons Home Affairs Committee chairman Keith Vaz urged teachers to talk to pupils in schools about the dangerous of using webcams, and called on manufacturers to improve security.
The BBC also tells the story of Rachel Hyndman, 20, from Glasgow, who was reportedly watching DVD while in the bath when she noticed that the smell LED light indicating that her laptop's webcam was active had turned on. "I was sitting in the bath, trying to relax, and suddenly someone potentially has access to me in this incredibly private moment and it's horrifying," she said.
"To have it happen to you without your consent is horribly violating."
Horrifying indeed, but is there really anything new to the story? For many years now, trojan horse malware (or now commonly called remote access trojans, or RATs) provided a hacker with considerable control over a victim's PC, including full hard drive access, full control over software that is run, the ability to capture screenshots or even record the screen, turn on a connected webcam or microphone and so on.
In fact, some anti-theft software for laptops, phones and tablets even have these remote viewing features built in to be used in the event that a device is stolen.
Behind the scenes, things may have changed as nowadays access to compromised PCs can be sold for very small amounts of money.
Most of this kind of malware finds its way to victims' PCs by tricking them into clicking on links to maliciously crafted websites that exploit potentially unpatched web browser (or browser plug-in) bugs, or by convincing the victim they need to install certain software, like a video codec.
Keeping a system up to date with the latest security patches, running anti-malware utilities and using common sense will thwart most efforts to compromise a home PC. That is probably what needs to be better taught to the public, rather than simply disconnecting a webcam "just in case."