Follow us

Is your webcam spying on you?

Letting your laptop or phone camera record you and being spied by hackers can have pretty bad consequences

Updated: November 8, 2021 By Hamna Imran

Webcam, a usually ignored but vulnerable device

Image source – unsplash.com

Webcam hacking has been around for as long as webcams themselves. Cybercriminals are constantly improving techniques for conducting smoother attacks.

Do you use a laptop daily? But how often are you concerned with its security features?

Can a cyber-snooper target you through them? Well, yes!

These attacks can target anyone, generally for ransomware attempts or stealing confidential information, including passwords, capture screen or keystrokes, track online activity, and much more.

2013 Miss Teen USA Cassidy Wolf has been a famous victim of a webcam attack. The man who took pictures of her via webcam to blackmail her was sentenced to 18 months in prison. It's time to take webcam-covering conspiracy theorists seriously!

Who sees you through a webcam?

The camera on your computer and phone, when hacked, can become a tool to spy on you in your own home, and it's easy.

So, anyone interested in hacking webcams may be able to do so as complete information and guides are being sold on the dark web regarding almost everything.

When the laptop is shut down, its webcam can't be activated, but most people leave it on sleep or hibernation mode, making it vulnerable to attack.

Even Mark Zuckerberg admits that he covers his webcam. It depicts the intensity of vulnerability and the damage it may cause.

A recent survey about people covering webcams of their PCs

Hackers may not only see you through the webcam but also have access to your security systems or any other device with a camera connected to the internet.

Scary, right?

How can your webcam get hacked?

Webcams, especially standalone ones, are notorious for having poor security. Thus you might not be the only one to track the activity in your house.

The most common techniques for Camfecting are

  • RAT (Remote Access Trojan)
  • Through malicious Remote support software

The malware, when installed, alters numerous settings in your laptop.

Changes made by Malware

Cyber-snoopers opt for various ways to hack into laptop webcams.

Phishing

Browser extensions are a common way of infecting systems and getting access to webcams.

Many hackers send threatening emails to contact lists found on the dark web, asking for ransom. The chances are that it contains all lies unless any video proof of your webcam recording is provided.

These messages are sent to thousands of people in hopes of scaring a small percentage to get enough money to protect themselves.

Phishing attack statistics

Refrain from clicking links in any suspicious email. It might be a channel for hackers to access your system. Cybercriminals effortlessly trick you into installing malware. This technique is called "phishing."

Waterholing

Another tactic is water holing, where the attacker directs the victim to a website of their interest by following a set of instructions.

The website then secretly installs malware into the device, mostly RAT (Remote Access Trojan).

Online Strangers

Some hackers even befriend their victims first. Yes, you read that right!

It's done using fake identities, most through dating sites. The victim is later persuaded to do unethical acts, which are later used to obtain cash.

To avoid getting into any such trap, don't chat with strangers online. Don't provide any information that may lead to any financial or identity theft.

It may include personal information, whereabouts, address, and picture of yourself or your home, anything that may lead that stranger to you.

Remote tech support

Many third-party support services are filled with scammers, allowing them to leave behind malware without the user's knowledge.

They can deliver the malware through emails, attachments, or flash drives, which infect your device without leaving any major clue.

And what's worse is the availability of the Trojan virus. Back in 2015, it was being sold on the internet for just $40. And gamers beware because bloody stealers Trojan are targeting gaming platforms

A lot of these incidents are mainly caused due to negligence. Users have little to no awareness about security features and how to enable them.

According to a recent survey, 95% of these attacks happen due to human error.

A famous webcam app, Adorcam, recently exposed one of its databases, putting thousands of users at risk. The leaked information included.

  • Location of webcam
  • Microphone activity
  • Wi-Fi network
  • Address and personal information of a user
  • Still, shots uploaded by webcams

Justin Paine, a security researcher, discovered the data exposure and informed Adorcam. The database was later secured.

A recently found webcam app with exposed database

Image source – myce.com

An updated version of FinSpy, a highly controversial German commercial spyware sold by FinFisher, took eight months of constant analysis and engineering at Kaspersky lab in Moscow.

This new version was designed for Windows, Mac OS, and Linux. The malware installs the Trojan spyware platform itself, gathering Intel and hijacking HTTPS traffic.

How Fin Spy gets into the device and what it steals

Image source – kaspersky.com

Exposed webcams

An exposed laptop webcam was found on Shodan in China, having port number 443.

Exposed laptop webcam

Image source – Shodan.io

A potential security vulnerability has been identified in more than 460 hp laptop models. Some of the impacted models are listed in the table below.


Product Name
Fixed version (s)
SoftPaq#
Softpaq Link
HP 240 G2 Notebook
19.3.31.31
SP81891
HP 246 G2 Notebook
19.3.31.31
SP81891
HP 250 G2 Notebook
19.3.31.31
SP81891
HP 250 G4 Notebook
19.3.31.31
SP81891
HP 250 G5 Notebook
19.3.31.31
SP81891

Why is webcam hacking dangerous?

Webcams expose not only your video stream but also your geolocation which may cause much more significant damage.

If this were just about snooping, we probably wouldn't have been highlighting this problem.

While some hackers may do this for their fun but most seek financial gain. The obtained pictures or video recordings are used for blackmailing. The victims are threatened to pay ransom to prevent their unethical photos from being leaked.

According to reports, these amounts vary from $500 to $3000. Not just this, the payment may not be one-time. Some blackmailers keep asking for more by threatening victims from time to time.

Furthermore, hackers also have secret deals with certain websites. Depending on the number of laptops infected by the spyware, the sum varies from $500 to $5000.

They may even lock your laptops and control their activity, which is even scarier.

The recordings and information sold on the dark web can facilitate crimes like kidnapping, robbery, human trafficking, sextortion, and whatnot.

How to detect a hacked webcam

A massive number of manufacturers implement basic passcodes, and in some cases, devices remain unprotected.

Although cyber snoopers execute their plan way before the victim realizes it, there are a few ways to detect whether your webcam is hacked or not.

  1. Always pay attention to devise descriptions and manuals, as most advertising is based on advanced features and ease instead of its security.
  2. A computer's webcam has a tiny light beside it that blinks every time the webcam is activated. If your webcam's light flashes when it's not in use, this is a clue!
  3. If you encounter such a situation, check the apps running in the background. If any of them are using your webcam without permission, you should delete that app or make severe adjustments in its security settings.
  4. Running a security scan is always helpful. It rapidly detects infections and suggests ways to fix them.
  5. Another convenient way is to check your hard drive folders. If a webcam is hacked, the folders would contain webcam recordings you're unaware of, mostly having a random or weird tag.

To stay on the safer side, you should check the following folders regularly for any suspicious activity.

  • Webcam
  • Video
  • Documents
  • Computer

In addition, keep a check on webcam settings. If anything seems unusual or disabled, take necessary action without any delay.

How to access webcam settings

Surprisingly, the majority of people never notice their webcam settings. It is commonly due to a lack of knowledge.

But hold on! We've got your back.

Windows

Here is how you can change your webcam's privacy and performance settings in windows.

  1. Open "Start Menu" and click on the Settings gear icon on the lower-left corner.
  2. In the Settings menu, select "Privacy."
  3. Under App Permissions, select "Camera."

Here you can adjust camera settings as per requirement.

Windows settings

Image source – top-passwords.com

MacBook

To access privacy settings of webcam on MacBook, follow these steps

  1. Click the Apple menu and select "System Preference."
  2. Now click Security and Privacy and choose "Privacy."
  3. Select "Camera" and adjust settings as needed.
  4. You can select and deselect the tick box for camera access.

MacBook setting

Image source – appletoolbox.com

Is covering the webcam enough?

Here are a few ways that may shield you from webcam attacks.

Tools to protect you and your webcams

  1. Process Explorer, a free program that identifies all processes happening on PC at a given time, is an excellent option to detect any suspicious activity.
  2. Other options include Who Stalks My Camera for windows users and Oversight for Mac users.
  3. Antiviruses are must-haves. They are effective in protecting against numerous cyber-attacks. Below are some Antiviruses which are famous for a reason and deliver value.
  • TOTAL
  • Norton
  • Bitdefender
  • McAfee
  1. Constant vigilance is required to keep your webcam secured manually. Avast Premium Security is a webcam shield that not only identifies hacking attempts but also automatically prevents them.
  2. VPNs play a significant role in protecting IP addresses from attackers. Some useful VPNs are

What should victims do?

Instead of shutting themselves out of fear or embarrassment, victims should ask for help.

Remember that you're not alone in this, and confidential support is available.

National Crime Agency's advice for webcam attack victims consists of the following steps:

  • Please report it.
  • Cut communications with the criminal.
  • Don't pay. They might ask for more or still leak your information.
  • Preserve evidence in whatever form possible.

If you have a copy of that content, The Revenge Porn Helpline may be able to help you.

They prevent the same content from being uploaded on Facebook and Instagram.

What webcam leak blackmail victims should do?

Infographic

The following infographic includes some critical statistics and cases of recent webcam attacks, along with some safety practices.

Infographic showing consequences and events of laptop webcam video and image leaks

Feel free to share the code of infographics

<iframe width="574" height="2597" frameborder="0" scrolling="no" style="overflow-y:hidden;" src="/sites/default/files/pictures/data-protection/is-your-webcam-spying-on-you/is-your-webcam-spying-on-you-10.png"></iframe>

Conclusion

The majority of vulnerabilities are related to misconfigurations or the absence of cyber hygiene.

The pandemic might have halted numerous things but not cyber-attacks.

With a hacker attacking every 39 seconds, you should take internet safety seriously now.

An immense number of people have headed towards the internet, spending an average of 145 minutes per day.

It has resulted in increased webcam attacks, with laptops being more prone to these attacks than any other device.

Stay tuned for more valuable content!

Author
Hamna Imran
Cyber Security student and keen learner, writing articles for several other websites.

Leave a comment

click to select