Beware of Webcams!

Attackers trying to infect your computer with malware capable of remote access don’t necessarily seek money; some cybercriminals are just having fun. The most valuable items to these invaders are

Attackers trying to infect your computer with malware capable of remote access don’t necessarily seek money; some cybercriminals are just having fun. The most valuable items to these invaders are private conversations, photos and webcam access, and the most likely victims of such attacks are nice-looking women and teenage girls.

Remote access applications to computers are quite popular and can be widely used for both legal and illegal purposes. Applications like Remote Desktop and TeamViewer are approved by system administrators and tech support staff, as well as by people helping others fix PC issues. But having almost identical functionality is the key part of malware, like with ZeuS, which makes your PC a part of botnet and can be controlled by attackers who are maybe oceans away. Typically, attackers exploit a victim’s PC for financial profit: scan disks for valuable data (payment credentials, passwords, etc.), and then use the ransacked computer for sending spam and performing DDoS attacks. However, some attackers utilize remote access just for spying on their victims to satisfy personal desires.

The most popular attacker activities involve searching for nude photos and spying via webcam.

The most popular search subject for this kind of attacker is private pictures. The invader can manually scan available disks and connected mobile devices in search of the owner’s private photos. The owner can also be spied upon directly if the attacker switches on an internal laptop or external USB webcam, and can then have personal photos captured. Depending on the personal habits and principles of the attacker, such photos could then be published “just for fun” or they could become a base for blackmail.

In addition to spying on victims, another popular pastime amongst attackers is executing practical jokes. Specialized remote access tools for this kind of cybercriminal typically have the capability to interact with a victim: displaying messages on the screen, opening specified websites, removing taskbars or the Windows start button, opening the CD tray and so on. The panic induced by a victim who is experiencing unpredictable computer behavior can be a source of entertainment for these scoundrels.

Unlike money-oriented attackers that often have good technical skills, amateurs who lack both resources and skill usually perform the abovementioned strikes. That is why they seldom use malicious web sites with exploits to infect victims and instead usually try socially engineering attacks or spreading malware through P2P file sharing. To avoid such punks, users should take extra precautions: download applications only from trusted sources, use comprehensive computer protection, avoid P2P file sharing and do not click on suspicious links in e-mails and social networks. In addition, users should pay special attention to their webcams. If it is external, you can disconnect it from the USB and plug-in only when necessary, or at least direct the camera towards the wall when not in use.  It is not possible to do this for laptops and all-in-ones, but most models are equipped with a signal light that is always on when recording. If the camera light is on when not in use, immediately disconnect the laptop’s Wi-Fi and perform an antivirus software check.

Tips

Securing home security

Security companies offer smart technologies — primarily cameras — to protect your home from burglary, fire and other incidents. But what about protecting these security systems themselves from intruders? We fill this gap.