Security researchers discovered a new way to hack the Mac’s built-in webcam this week, and the method is undetectable by users.
Apple built a green LED light into every Mac with firmware-level protection that turns on anytime the sensor is tripped by unauthorized access. The security feature has become increasingly difficult for hackers to beat, but former NSA staffer Patrick Wardle found a way to piggyback on outgoing feeds and record them.
[contextly_auto_sidebar] Wardle, who now leads cyber R&D for security intelligence firm Synack, created an OS X malware sample showing how hackers could stealthily monitor your Mac so that anytime you initiate a video session, the malware covertly records the audio and video.
This hack would work on any video or video chat apps, such as Skype and FaceTime, potentially exposing intimate details of the user’s life. Cult of Mac reached out to Apple for comment on the potential threat, but did not receive a reply.
Preventive measures for Mac hack
To combat the potential Mac hack, Wardle created a tool called OverSight. The free app monitors your webcam and microphone activities, then notifies you if a malicious secondary app accesses the feed. You can then choose to allow or block access.
But if you want to be absolutely certain no one is looking through your webcam, take the Mark Zuckerberg route and put tape over the lens.
Buster Hein is a freelance writer who lives in Phoenix, Arizona. Twitter: @bst3r.
6 responses to “Ex-NSA staffer reveals way to hack Mac’s camera and mic”
And so how do we know the tool isn’t doing the same thing?
The main thing here is that the video streaming must be already started by a trusted service, since (if I’m right) the hacker can’t start it without turning on the green led and this makes a huge difference than enabling the webcam without any advice.
“Ex-NSA staffer reveals way to hack Mac’s camera and mic”
Check out MicroSnitch from the same folks who make LittleSnitch. Five bucks, and you get protection from mic or camera use. Not an ad from me, just an endorsement, as I bought it and use it.
“Reaching out to Apple”. What a joke. You better have Credit Card in hand when doing so.
So to prevent someone “hacking” your webcam by piggybacking on a valid outgoing stream you should put tape over your mac camera. Seems sensible…
The title of the article in the content of the article don’t jive. Piggybacking is not hacking the WebCam without your knowledge, in the sense that the greenlight wouldn’t come on.
This is kind of a misleading title.