Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Watch out for Mac malware that can eavesdrop on webcam sessions

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

October 6, 2016

Mac users: be on the lookout for some nasty malware that can piggy-back on your legitimate webcam sessions.

Patrick Wardle, a former NSA manager who was at the head of research for the agency outlined the security vulnerability with some counter-measures he’s developed during a keynote presentation at the Virus Bulletin Conference.

Peeping Tom-stye malware that abuses the video capabilities of an infected computer to record an unwitting user is a threat to both Windows and Mac users.

To be sure, Mac malware such as Eleanor, Crisis, Mokes and others all attempt to spy on Mac OS X users via their webcam, and this has been ongoing for some time.

But it's not all that dark: modern Macs contain a hardware-based LED indicator that can alert users when the camera is in use. And physically covering the built-in camera also provides a low-tech approach to locking out snoopers, with the downside that it also prevents legitimate utilization.

Wardle has uncovered a fresh dimension to the issue. After examining various OS X malware samples, Wardle identified a new capability that would permit this type of malware to monitor the system for legitimate user-initiated video sessions before surreptitious piggyback on these conversations in order to covertly record the user.

There are no visible indications of this malicious activity, as the LED light is already on. The malware can record both audio and video without fear of detection, Wardle asserted.

During his presentation, he outlined the security threat with various techniques geared towards detecting secondary processes that attempt to access an existing video session on the OS X operating system.

“I have not seen any malware using this technique at this time but this is something that would be trivial for malware to operate in and there simply aren’t any tools available today that at know of to detect this capability,” Wardle asserted.

Mac malware along the lines that Wardle has discussed at the conference could be able to record both sides of a video conversation once it detects the webcam being used, however.

Wardle has released a free Oversight tool that he says can detect and identify any process that accesses the webcam before giving users the ability to either block or allow a process.

All these notifications and/or alerts are all logged, so a system admin could reactively look through the log files to see what and/or who was using the webcam.

Source: The NSA.

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.


Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer