RATs in your Apple Mac can help people spy on you with iSight

If you happen to own an older Apple Mac, you’d best cover up that webcam of yours if you don’t want to get creeped out by this latest story.

That’s because, a hacker could possibly be watching you right now, spying on you through your MacBook’s webcam. And now, we’re not just being super paranoid here either – because a new study from researchers at Johns Hopkins University shows it’s all too easy for hackers (or government agents, perhaps) to bypass the Apple Mac iSight camera’s security features, and turn your webcam on and off at will.

MacBook users will note that when the iSight camera is switched on, it always lights up green. This is a security feature – it simply lets you know that the camera is on and that there’s a possibility someone could be watching you. Unfortunately, the researchers at John Hopkins have discovered that it’s possible for hackers to bypass this feature using something called a Remote Administration Tool, or RAT, that allows to control computers remotely, and turn on the camera without any tell-tale lights.

The researchers say that this can be accomplished by reprogramming the camera’s chip so that the camera and light can act independently. Luckily, it seems that this vulnerability only affects older Apple computers, such as the iMac G5, and earlier MacBooks that run on Intel chips.

You might be thinking that this is just a theoretical hack, and that no one’s actually gone and done this before, but you’d be wrong.

Last October, 19-year old California resident Jared Abrahams admitted carrying out just such a stunt, secretly taking dozens of nude photos of at least 12 different women, including Cassidy Wolf, a former Miss Teen USA winner, before attempting to extort money from them. All of the photos were taken using the women’s own webcams, which Abrahams had taken control of without activating the green warning light.

The software used by Abrahams, RAT, has many purposes. It helps IT remotely administer computer networks in schools or workplaces, but it can also be used to spy on people. But not all RATs have the ability to disable the indicator lights when the camera is turned on. But in Abrahams’ case, the RAT he was using was obviously more sophisticated as it allowed him to spy on unsuspecting women without any indication.

Unfortunately, it’s not just extortionist perverts like Abrahams that you have to watch out for either – the FBI also possesses this capability, and has spied on at least two individuals it suspects of terrorism.

Even more worrying is that while the vulnerability discovered by the Johns Hopkins researchers only pertains to older Macs, they claim that hackers could use the same techniques to compromise newer devices too, be it a Mac or a PC.

So how can you tell if your computer is safe? How sure are you that your laptop’s camera is not turned on? How many people are watching your every move this instant?

There’s only one way to make sure you are not being spied on via your laptop’s camera: put a piece of paper on it and secure it with tape.

Original source: The Washington Post


Contributor: Mellisa Tolentino

About Mike Wheatley

Mike loves to talk about Big Data, the Internet of Things, Hacktivists and hacking, but he also hates Google and can never resist having a quick dig at them should the opportunity arise :) Got a REAL news story or tip? Email Mike@SiliconANGLE.com.