The paper is entitled Getting Duped: Piggybacking on Webcam Streams for Surreptitious Recordings.Īfter examining various ‘webcam-aware’ OS X malware samples, the research will show a new ‘attack’ that would allow such malware to stealthily monitor the system for legitimate user-initiated video sessions, then surreptitious piggyback into this in order to covertly record the session. Wardle was the researcher who previously uncovered a way for malware to bypass Gatekeeper protection to run unsigned apps, as well as pointing out a flaw in Apple’s fix for the Rootpipe vulnerability that allowed an attacker with local access to a Mac to escalate their privileges to root. His presentation is being delivered at the Virus Bulletin conference in Denver later today.Īlthough any unauthorized access to the webcam will light the green LED – a firmware-level protection that is exceedingly difficult to bypass – Wardle’s presentation shows how a malicious app can tap into the outgoing feed of an existing webcam session, like a FaceTime or Skype call, where the light would already be on … Security researcher and former NSA staffer Patrick Wardle is this afternoon demonstrating a way for Mac malware to tap into live feeds from the built-in webcam and microphone.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |