Webcams and microphones - a threat to your security

[Ющук Евгений Леонидович]

An FBI investigation into a U.S. citizen’s complaint about the appearance on the Internet of nude photos of herself, made without her knowledge, revealed that a hacker, a former classmate, was engaged in tracking the woman. The attacker used software to remotely connect to the desktop, made a change in the drivers of the victim’s laptop, so the built-in webcam transmitted the image without warning at the same time and watched it. Details of the investigation can be found in The Washington Post.

Almost all modern laptops are equipped with built-in webcams and have an important feature: they have a light indicator that should turn on at the same time the camera is turned on. However, according to the victims, in those moments when they were being watched, this indicator did not light. Former Assistant Director Tech. Department of the FBI said that the agency has the ability to remotely control webcams of many manufacturers of devices and gadgets, to monitor their owners. As can be understood from the aforementioned incident - not only the FBI has the technical ability to conduct covert surveillance of users of computers and other common household devices with built-in video cameras. Along with computers and smartphones, there are modern Smart TVs with built-in web cameras that can also be hacked. Obviously, attackers can turn on webcams at any time and spy on their owners. This is done using special programs. Any outsider, having certain skills, has the opportunity to access the device, bypassing the security system including a webcam operation indicator. Thus, the owner may not know that the camera is active and is being covertly monitored.

Cyber security experts agree that there are no reasons why attackers could not conduct covert surveillance. Currently, it’s practically impossible to prevent video espionage by owners of portable devices by technological means, but there is a simple and effective way of protection - to stick the lens of the built-in camera, for example, with adhesive tape or tape.

It should be noted that there have already been similar cases of espionage detection through microphones built into household devices and gadgets. In the case of microphones, the situation is even more interesting, the microphone is almost impossible to disconnect or somehow seal. On laptops, the built-in microphone is part of the sound system and it is only possible to disable it programmatically with it. Along with mute, in a laptop, the sound will disappear. And in smartphones, in general, the operation of the microphone is necessary for the normal functioning of the device.

Installing bugs for surveillance - the last day, today's spies do not need to get into apartments and install additional equipment. All that they need for this - and so is practically every person’s. In the continuation of the article, fully published on businessinweb.com, we will try to find out the degree of danger of each household device and tell you how to protect yourself.

How to protect your computer.

With external USB cameras, everything is quite simple - if you do not use them, you can disconnect them from the port. Webcam models equipped with LEDs can report on their activity: if the diode lights up when the video chat program is not running, it is an alarm. Turn off the camera and run an anti-virus scan. Webcam activity can also be detected using the built-in Windows tools. For example, Webcam Surveyor is capable of recording and transmitting video in Stealth mode. But if you open the standard utility “Windows Resource Monitor” you will see the running process, as well as the network load being created. The program for the webcam of a laptop or computer, which is used to monitor via the Internet, is a trojan backdoor. Therefore, to prevent malware from getting onto your computer, you need to be careful - install programs only from trusted sources and regularly update the anti-virus database. Be sure to activate the Windows firewall if the antivirus does not take over the screening function. Exceptions created for the firewall should really be necessary and understandable for you.

How a trojan gets control over a webcam.

A malicious program, like any legal utility, can activate a computer’s webcam. Using API calls and a DirectShow filter, video can be silently extracted and sent to the Internet by an attacker.

Using an API call and a webcam driver, the software can activate the device and start video recording.
Through the API and DirectShow filter, the record gets into the processing program.
The Trojan through the interface or directly receives data from the video stream.

What methods of covert surveillance are most real and methods of protection against them.

The smartphone allows you to conduct covert surveillance not only with the camera, but with a microphone and other sensors, such as a GPS receiver. Mobile gadgets are the most interesting and hackable, primarily because of the variety of data that can be stolen. Along with the footage, the attackers receive information about the location of the shooting via a GPS compass.

Constant connection to the Internet, the presence of cameras and other sensors, a smartphone is a desirable target for an attacker. Unlike stationary PCs, the recording device is constantly moving here along with the tracking object. A modern smartphone can be configured in such a way that it creates a full-fledged panorama of the room from the set of secretly taken pictures. Not only curious hackers are extremely interested in the information, but business competitors as well as device manufacturers themselves are not averse to getting some information for their statistical research. An example of tracking by manufacturers of devices and gadgets is the Identifier For Advertisers function, which was introduced by Apple in iOS 6. The IFA system works by assigning each iPhone or iPad its own identification number. With the help of IFA, data is collected about launched applications, visited websites on the Internet. This information is used to target advertisements displayed to the owner of Apple.

Source- scip.org.ua via SPCR Group on LinkedIn - [DLMURL] https://bit.ly/19G6Fll [/ DLMURL]

 

[Краев Евгений Леонидович]

Thank you, interesting information.

 

[Плотников Юрий Михайлович]

Thank!

 

[Андрей Захаров]

Thanks Eugene. Useful ...

 

[Орлан]

Yes, there is such a thing. Although this is no surprise.