Skip to main content
  1. Home
  2. Computing
  3. News

Malware allows attackers to silently steal webcam video from your Mac, expert says

Mark Coppock
By

mac webcam hacking vulnerability facetime
radub85/123rf.com
Most people might assume that they’re safe from being surreptitiously recorded as long as their webcam LED remains unlit. After all, manufacturers implement safeguards at the firmware level to ensure that if a webcam is being used to stream or record, then its light will be on. Unfortunately, that’s only half the story.

Former NSA employee Patrick Wardle is presenting data at Thursday’s Virus Bulletin conference that demonstrates it’s possible for a nefarious party to install malware on a Mac that will monitor for legitimate webcam usage and then steal the video stream for its own purposes. Doing so would provide no visual indication of the attack, and so victims would have no reason to limit their activities accordingly, as 9to5Mac reports.

Recommended Videos

Wardle is director of research at Synack, a company that describes itself as a “global team of ethical hackers,” and his conference talk will focus on techniques being developed to monitor for such “secondary” attacks. Wardle has released a free tool that lets users know when such an attack is underway, meaning that you can end that sensitive business video conference or private conversation with your significant other and save yourself some loss of privacy or financial loss.

Related

This isn’t Wardle’s first time at bat when it comes to discovering Mac security flaws. He discovered a method by which malware could get around Apple’s Gatekeeper security feature and inject itself into a system merely by placing code in the same folder as an authorized app. He also identified a trivial workaround that an attacker could use to leverage the Rootpipe vulnerability even on Macs updated with Apple’s patch aimed at addressing the issue.

To safeguard your Mac from attackers who might be stealing your webcam video, you can download and install Wardle’s tool, called OverSight, on any Mac running MacOS 10.10 or later. The small app will monitor the mic and webcam and let users know when a piece of malware has accessed the microphone or webcam. You can then choose to allow or block the process.

Wardle cautions that like all security tools, OverSight is not immune to circumvention by dedicated attackers. Malware running at the lowest levels of a system could possibly access the microphone and webcam without being detected by a tool such as OverSight, And so, the possibility remains that an attacker could be accessing your audio and video regardless, leaving all of us to feel just a tiny bit less secure.

Editors' Recommendations

Topics
Mark Coppock
Mark Coppock
Computing Writer
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
MacGPT: how to use ChatGPT on your Mac
The MacGPT app for macOS Monterey and Ventura.

Apple might not officially be in the AI space, but a developer has created a legitimate way to bring ChatGPT to macOS and make the chatbot accessible from your menu bar.

The aptly named MacGPT is an application developed by Jordi Bruin that allows you to install ChatGPT as a remote browser on your Mac desktop. The application has been available since the 2022 holiday season and has garnered over 370 ratings, many of which are five stars. MacGPT is currently free, however, Bruin accepts donations. Once out of beta, he will make MacGPT available at the App Store, where it will sell for $5.

Read more
This devious scam app proves that Macs aren’t bulletproof
A close-up of a MacBook illuminated under neon lights.

Pirated software can cause all kinds of headaches, but Mac users might have thought themselves largely immune thanks to Apple’s reputation for solid security. Yet, that complacency could prove quite problematic, as a new strain of nearly undetectable malware has shown.

According to research from security firm Jamf Threat Labs, pirated versions of Apple’s Final Cut Pro moviemaking app have been modified to contain cryptojacking payloads. When installed, the app starts using your Mac to mine the Monero cryptocurrency behind your back, potentially slowing down your machine as system resources are illegitimately gobbled up.

Read more
This major Apple bug could let hackers steal your photos and wipe your device
A physical lock placed on a keyboard to represent a locked keyboard.

Apple’s macOS and iOS are often considered to be more secure than their rivals, but that doesn’t make them invulnerable. One security team recently proved that by showing how hackers could exploit Apple’s systems to access your messages, location data, and photos -- and even wipe your device entirely.

The discoveries were published on the blog of security research firm Trellix, and will be of major concern to iOS and macOS users alike, since the vulnerabilities can be exploited on both operating systems. Trellix explains that Apple patched the exploits in macOS 13.2 and iOS 16.3, which were released in January 2023, so you should update your devices as soon as you can.

Read more