Header Ads

Malware targeting webcams and microphones has now come up for Mac laptops

Patrick Wardle, an ex-NSA staffer who heads up research at security intelligence firm Synack, discovered a way for Mac malware to tap into your live feeds from Mac's built-in webcam and microphone to locally record you even without detection.

One of the most insidious actions of malware is abusing the video capabilities of an infected host to record an unknowing user. Macs, of course, are not immune; malware such as OSX/Eleanor, OSX/Crisis, and others, all attempt to spy on OS X users.

Wardle is the same researcher who has discovered a number of security weaknesses in Apple products, including ways to bypass the Gatekeeper protections in OS X.

Wardle also released a free tool called RansomWhere? earlier this year that has generic detection capabilities for Mac OS X ransomware variants.

Wardle is scheduled to present his new findings at the Virus Bulletin conference in Denver later today, along with his research demonstrating how malware could easily piggyback on your legitimate webcam sessions to keep its spying activity hidden.

Yes, piggybacking legitimate webcam sessions initiated by you.

Here's How Mac Malware Works:
Since Mac's firmware-level protection lights the green LED for any unauthorized access to user's webcam, Wardle believes that attackers can use a malicious app that quietly monitors the system for any outgoing feed of an existing webcam session – like a Skype or FaceTime call – where the light indicator would already be ON.

The malware then piggybacks the victim's webcam or microphone to secretly record both audio and video session, without any visible indication of this malicious activity and any fear of detection.

In his paper presentation, titled 'Getting Duped: Piggybacking on Webcam Streams for Surreptitious Recordings,' Wardle outlines the threat along with countermeasures to detect "secondary" processes that try to access an existing video session on OS X.

How to Prevent Your WebCam and Mic from Being Hacked

Moreover, physically covering your webcam wit a tape – like what Facebook CEO Mark Zuckerberg and FBI Director James Comey do – also offers a low-tech approach to keeping snoopers away.

 source: Virus Bulletin

No comments

blogmytuts. Powered by Blogger.